www.ochsner.org Open in urlscan Pro
50.57.30.83 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ochsner.org/coronavirus
Submission: On March 31 via manual (March 31st 2021, 8:02:51 pm UTC) from US

Summary HTTP 215 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 72 IPs in 11 countries across 76 domains to perform 215 HTTP transactions. The main IP is 50.57.30.83, located in United States and belongs to RACKSPACE, US. The main domain is www.ochsner.org.
TLS certificate: Issued by HydrantID SSL ICA G2 on August 27th 2020. Valid for: a year.

This is the only time www.ochsner.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	50.57.30.83 50.57.30.83	19994 (RACKSPACE) (RACKSPACE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:7034	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	68.183.157.211 68.183.157.211	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a02:6ea0:c70... 2a02:6ea0:c700::3	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
3	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	52.219.102.161 52.219.102.161	16509 (AMAZON-02) (AMAZON-02)
6	40.74.227.172 40.74.227.172	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.174.92.145 54.174.92.145	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
11	52.216.134.59 52.216.134.59	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
5	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	151.101.192.114 151.101.192.114	54113 (FASTLY) (FASTLY)
1	2606:4700:e6:... 2606:4700:e6::ac40:c418	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	104.111.247.190 104.111.247.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	207.189.124.124 207.189.124.124	13649 (ASN-VINS) (ASN-VINS)
1 1	13.32.25.82 13.32.25.82	16509 (AMAZON-02) (AMAZON-02)
1	52.217.0.85 52.217.0.85	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	52.25.5.245 52.25.5.245	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:a800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.224.161.34 3.224.161.34	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::19 2620:1ec:bdf::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.48.82.49 52.48.82.49	16509 (AMAZON-02) (AMAZON-02)
1	80.252.91.52 80.252.91.52	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
4 8	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
5 8	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
2	54.77.254.70 54.77.254.70	16509 (AMAZON-02) (AMAZON-02)
1	18.185.81.62 18.185.81.62	16509 (AMAZON-02) (AMAZON-02)
4 34	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
5 7	35.157.249.55 35.157.249.55	16509 (AMAZON-02) (AMAZON-02)
2	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	3.123.78.164 3.123.78.164	16509 (AMAZON-02) (AMAZON-02)
2 2	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
5 5	52.59.28.101 52.59.28.101	16509 (AMAZON-02) (AMAZON-02)
3 6	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	52.28.82.26 52.28.82.26	16509 (AMAZON-02) (AMAZON-02)
2 4	23.202.53.51 23.202.53.51	16625 (AKAMAI-AS) (AKAMAI-AS)
9 10	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 2	52.58.221.124 52.58.221.124	16509 (AMAZON-02) (AMAZON-02)
1 1	35.158.87.209 35.158.87.209	16509 (AMAZON-02) (AMAZON-02)
2	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
3 5	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
9 9	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 4	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
4	184.30.210.81 184.30.210.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	34.255.79.142 34.255.79.142	16509 (AMAZON-02) (AMAZON-02)
2	52.218.29.163 52.218.29.163	16509 (AMAZON-02) (AMAZON-02)
2	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
2	88.80.189.68 88.80.189.68	63949 (LINODE-AP...) (LINODE-AP Linode)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	13.226.159.66 13.226.159.66	16509 (AMAZON-02) (AMAZON-02)
6 8	52.4.128.233 52.4.128.233	14618 (AMAZON-AES) (AMAZON-AES)
6 6	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
4 4	52.49.59.93 52.49.59.93	16509 (AMAZON-02) (AMAZON-02)
2 2	52.28.42.15 52.28.42.15	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 6	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	35.158.49.68 35.158.49.68	16509 (AMAZON-02) (AMAZON-02)
6 6	108.129.45.237 108.129.45.237	16509 (AMAZON-02) (AMAZON-02)
2	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
6 8	51.89.21.10 51.89.21.10	16276 (OVH) (OVH)
4 4	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
2	13.226.159.42 13.226.159.42	16509 (AMAZON-02) (AMAZON-02)
2	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
2 5	3.64.73.215 3.64.73.215	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:211... 2600:9000:211e:e800:d:b853:c880:93a1	16509 (AMAZON-02) (AMAZON-02)
215	72

7 50.57.30.83 (United States)

ASN19994 (RACKSPACE, US)

www.ochsner.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7034 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.sitescdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.183.157.211 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: server1.wpcc.io

wpcc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.102.161 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 40.74.227.172 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

guide.loyalhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.92.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-92-145.compute-1.amazonaws.com

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.216.134.59 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ochsner-craft.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c418 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.247.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-190.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.189.124.124 (United States) 1 redirects

ASN13649 (ASN-VINS, US)

ochsner.hrm.healthgrades.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cid3.actonsoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.25.82 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-82.fra56.r.cloudfront.net

cid3.aocdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.0.85 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.25.5.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-5-245.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:a800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.161.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-161-34.compute-1.amazonaws.com

ochsner.us-1.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f106:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

guidecdn.loyalhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn2gabpsdv2al2gdj-ochsner.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.48.82.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-82-49.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.252.91.52 (Amsterdam, Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.167.164.49 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.15 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.254.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-254-70.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.81.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-81-62.eu-central-1.compute.amazonaws.com

pixel.mediaiqdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 37.157.3.30 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.157.249.55 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-249-55.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.123.78.164 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.114 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.59.28.101 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.82.26 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-82-26.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.202.53.51 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-53-51.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 77.243.60.138 (Aalborg, Denmark) 9 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.221.124 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.87.209 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

l.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.174.68 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.98 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.171.173.220 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.210.81 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-210-81.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.79.142 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.29.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.80.231 (Canada)

ASN16276 (OVH, FR)

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.80.189.68 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li700-68.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-66.dus51.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.4.128.233 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-128-233.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.248.159 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.59.93 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.42.15 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.49.68 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.129.45.237 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.46.185.182 (Englewood, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.89.21.10 (London, United Kingdom) 6 redirects

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.16.14 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.100.125 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-42.dus51.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.64.73.215 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:e800:d:b853:c880:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

redirect.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	adform.net 8 redirects a2.adform.net s2.adform.net c1.adform.net dmp.adform.net	80 KB
16	amazonaws.com s3.us-east-2.amazonaws.com ochsner-craft.s3.amazonaws.com s3.amazonaws.com s3-eu-west-1.amazonaws.com	2 MB
15	gstatic.com fonts.gstatic.com www.gstatic.com	600 KB
11	doubleclick.net 10 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
10	semasio.net 9 redirects uipglob.semasio.net uip.semasio.net	6 KB
10	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	90 KB
8	id5-sync.com 6 redirects id5-sync.com	12 KB
8	audrte.com 6 redirects a.audrte.com	9 KB
8	adsrvr.org 6 redirects insight.adsrvr.org match.adsrvr.org	3 KB
8	adnxs.com 5 redirects secure.adnxs.com	8 KB
8	loyalhealth.com guide.loyalhealth.com guidecdn.loyalhealth.com	357 KB
7	360yield.com 5 redirects ad.360yield.com ice.360yield.com	3 KB
7	google.com 1 redirects www.google.com	19 KB
7	ochsner.org www.ochsner.org	364 KB
6	mathtag.com 2 redirects pixel.mathtag.com	4 KB
6	tapad.com 6 redirects pixel.tapad.com	2 KB
6	openx.net 4 redirects eu-u.openx.net us-u.openx.net	1 KB
6	yahoo.com 3 redirects ups.analytics.yahoo.com	5 KB
6	userway.org cdn.userway.org api.userway.org	28 KB
5	3lift.com 2 redirects eb2.3lift.com	2 KB
5	rlcdn.com 3 redirects idsync.rlcdn.com	1 KB
5	advertising.com 5 redirects pixel.advertising.com	2 KB
5	googletagmanager.com www.googletagmanager.com	218 KB
4	1dmp.io 2 redirects sync.1dmp.io	2 KB
4	weborama.fr 4 redirects redirect.frontend.weborama.fr	900 B
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	demdex.net 4 redirects dpm.demdex.net	3 KB
4	bluekai.com tags.bluekai.com	2 KB
4	crwdcntrl.net 2 redirects sync.crwdcntrl.net	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	3 KB
4	bidswitch.net 4 redirects x.bidswitch.net	2 KB
4	adscale.de 4 redirects ih.adscale.de	1 KB
4	facebook.com www.facebook.com	472 B
4	crazyegg.com script.crazyegg.com	25 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	userreport.com 1 redirects pdw-adf.userreport.com redirect.userreport.com	1 KB
3	facebook.net connect.facebook.net	163 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	18 KB
2	contentexchange.me match.contentexchange.me	97 B
2	smaato.net s.ad.smaato.net	473 B
2	teads.tv sync.teads.tv	344 B
2	ib-ibi.com global.ib-ibi.com	144 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	912 B
2	agkn.com 2 redirects aa.agkn.com	687 B
2	pubmatic.com simage2.pubmatic.com	2 KB
2	adsafety.net cm.adsafety.net	458 B
2	onaudience.com pixel.onaudience.com	496 B
2	adrtx.net 2 redirects api.adrtx.net	814 B
2	exelator.com loadm.exelator.com	648 B
2	eyeota.net ps.eyeota.net	688 B
2	sharethis.com 1 redirects sync.sharethis.com	631 B
2	stickyadstv.com ads.stickyadstv.com	1 KB
2	smartadserver.com 2 redirects rtb-csync.smartadserver.com	1 KB
2	rubiconproject.com token.rubiconproject.com	428 B
2	yieldlab.net ad.yieldlab.net	720 B
2	google.de www.google.de	637 B
2	googleadservices.com www.googleadservices.com	16 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	polyfill.io cdn.polyfill.io	915 B
2	googleapis.com fonts.googleapis.com	2 KB
1	consensu.org 1 redirects l.sharethis.mgr.consensu.org	388 B
1	mediaiqdigital.com pixel.mediaiqdigital.com	501 B
1	qualtrics.com zn2gabpsdv2al2gdj-ochsner.siteintercept.qualtrics.com	18 KB
1	evergage.com ochsner.us-1.evergage.com	691 B
1	quantcount.com rules.quantcount.com	3 KB
1	actonsoftware.com cid3.actonsoftware.com
1	aocdn.net 1 redirects cid3.aocdn.net	290 B
1	healthgrades.com 1 redirects ochsner.hrm.healthgrades.com	183 B
1	siteimproveanalytics.com siteimproveanalytics.com	9 KB
1	evgnet.com cdn.evgnet.com	37 KB
1	jsdelivr.net cdn.jsdelivr.net	6 KB
1	callrail.com cdn.callrail.com	11 KB
1	wpcc.io wpcc.io	2 KB
1	sitescdn.net assets.sitescdn.net	2 KB
1	fontawesome.com use.fontawesome.com	12 KB
0	angsrvr.com Failed sy.eu.angsrvr.com Failed
215	76

	Domain	Requested by
26	c1.adform.net	4 redirects a2.adform.net c1.adform.net
11	ochsner-craft.s3.amazonaws.com	www.ochsner.org
10	fonts.gstatic.com	fonts.googleapis.com
9	cm.g.doubleclick.net	9 redirects
9	uipglob.semasio.net	9 redirects
8	id5-sync.com	6 redirects c1.adform.net
8	dmp.adform.net	c1.adform.net
8	a.audrte.com	6 redirects c1.adform.net
8	secure.adnxs.com	5 redirects www.ochsner.org c1.adform.net
8	a2.adform.net	4 redirects www.ochsner.org a2.adform.net
7	www.google.com	1 redirects www.ochsner.org www.gstatic.com www.google.com
7	www.ochsner.org	www.ochsner.org
6	match.adsrvr.org	6 redirects
6	pixel.mathtag.com	2 redirects a2.adform.net www.ochsner.org pixel.mathtag.com
6	pixel.tapad.com	6 redirects
6	ups.analytics.yahoo.com	3 redirects c1.adform.net
6	guide.loyalhealth.com	www.ochsner.org guide.loyalhealth.com
5	eb2.3lift.com	2 redirects c1.adform.net
5	idsync.rlcdn.com	3 redirects c1.adform.net
5	pixel.advertising.com	5 redirects
5	beacon.krxd.net	cdn.krxd.net c1.adform.net
5	www.gstatic.com	www.google.com
5	www.googletagmanager.com	www.ochsner.org www.googletagmanager.com guide.loyalhealth.com
4	sync.1dmp.io	2 redirects c1.adform.net
4	redirect.frontend.weborama.fr	4 redirects
4	pm.w55c.net	4 redirects
4	dpm.demdex.net	4 redirects
4	eu-u.openx.net	2 redirects c1.adform.net
4	tags.bluekai.com	c1.adform.net
4	sync.crwdcntrl.net	2 redirects c1.adform.net
4	dsum-sec.casalemedia.com	2 redirects c1.adform.net
4	x.bidswitch.net	4 redirects
4	ih.adscale.de	4 redirects
4	ad.360yield.com	2 redirects c1.adform.net
4	www.facebook.com	www.ochsner.org connect.facebook.net
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com guide.loyalhealth.com
4	cdn.userway.org	www.ochsner.org cdn.userway.org
3	ice.360yield.com	3 redirects
3	connect.facebook.net	www.ochsner.org connect.facebook.net
3	cdn.krxd.net	www.ochsner.org cdn.krxd.net
2	us-u.openx.net	2 redirects
2	match.contentexchange.me	c1.adform.net
2	s.ad.smaato.net	c1.adform.net
2	sync.teads.tv	c1.adform.net
2	global.ib-ibi.com	c1.adform.net
2	dsp.adfarm1.adition.com	2 redirects
2	aa.agkn.com	2 redirects
2	pdw-adf.userreport.com	c1.adform.net
2	simage2.pubmatic.com	c1.adform.net
2	cm.adsafety.net	c1.adform.net
2	pixel.onaudience.com	c1.adform.net
2	s3-eu-west-1.amazonaws.com	c1.adform.net
2	api.adrtx.net	2 redirects
2	loadm.exelator.com	c1.adform.net
2	ps.eyeota.net	c1.adform.net
2	sync.sharethis.com	1 redirects c1.adform.net
2	ads.stickyadstv.com	c1.adform.net
2	rtb-csync.smartadserver.com	2 redirects
2	token.rubiconproject.com	c1.adform.net
2	ad.yieldlab.net	c1.adform.net
2	insight.adsrvr.org	www.ochsner.org
2	s2.adform.net	www.ochsner.org
2	guidecdn.loyalhealth.com	www.ochsner.org
2	consumer.krxd.net	cdn.krxd.net
2	www.google.de	www.ochsner.org
2	api.userway.org	cdn.userway.org guide.loyalhealth.com
2	secure-ds.serving-sys.com	www.googletagmanager.com guide.loyalhealth.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	s3.us-east-2.amazonaws.com	www.ochsner.org
2	cdn.polyfill.io	www.ochsner.org
2	fonts.googleapis.com	www.ochsner.org
1	uip.semasio.net	c1.adform.net
1	redirect.userreport.com	1 redirects
1	l.sharethis.mgr.consensu.org	1 redirects
1	pixel.mediaiqdigital.com	www.ochsner.org
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	zn2gabpsdv2al2gdj-ochsner.siteintercept.qualtrics.com	www.ochsner.org
1	googleads.g.doubleclick.net	1 redirects
1	pixel.quantserve.com	www.ochsner.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	ochsner.us-1.evergage.com	cdn.evgnet.com
1	rules.quantcount.com	secure.quantserve.com
1	s3.amazonaws.com	www.googletagmanager.com
1	cid3.actonsoftware.com	www.ochsner.org
1	cid3.aocdn.net	1 redirects
1	ochsner.hrm.healthgrades.com	1 redirects
1	secure.quantserve.com	www.googletagmanager.com
1	siteimproveanalytics.com	www.ochsner.org
1	cdn.evgnet.com	www.googletagmanager.com
1	cdn.jsdelivr.net	www.ochsner.org
1	cdn.callrail.com	www.ochsner.org
1	wpcc.io	www.ochsner.org
1	assets.sitescdn.net	www.ochsner.org
1	use.fontawesome.com	www.ochsner.org
0	sy.eu.angsrvr.com Failed	c1.adform.net
215	96

This site contains links to these domains. Also see Links.

Domain
education.ochsner.org
research.ochsner.org
giving.ochsner.org
doctors.ochsner.org
my.ochsner.org
blog.ochsner.org
www.youtube.com
www.cdc.gov
www.facebook.com
www.twitter.com
www.linkedin.com
www.instagram.com
www.pinterest.com
ochsner.wd1.myworkdayjobs.com
webmail.ochsner.org
ohslink.ochsner.org
workday.ochsner.org
calendar.ochsner.org
news.ochsner.org
www.elmwoodfitness.com
www.brenthouse.com

Subject Issuer	Validity	Valid
www.ochsner.org HydrantID SSL ICA G2	`2020-08-27` - `2021-10-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
sitescdn.net Cloudflare Inc ECC CA-3	`2021-02-04` - `2022-02-03`	a year	crt.sh
wpcc.io Sectigo RSA Domain Validation Secure Server CA	`2020-06-22` - `2021-06-22`	a year	crt.sh
cdn.userway.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-05` - `2022-01-05`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-25` - `2022-03-26`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.s3.us-east-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-14` - `2022-01-18`	a year	crt.sh
*.loyalhealth.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-23` - `2021-09-23`	a year	crt.sh
cdn.callrail.com Amazon	`2021-03-26` - `2022-04-24`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
cdn.evergage.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-04-27`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-06` - `2021-08-06`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-03-17` - `2022-03-22`	a year	crt.sh
*.actonsoftware.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-24` - `2021-09-24`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
api.userway.org Amazon	`2020-12-02` - `2021-12-31`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.us-1.evergage.com Amazon	`2020-10-02` - `2021-11-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.mediaiqdigital.com Amazon	`2020-05-11` - `2021-06-10`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.eyeota.net R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-03-24` - `2022-03-30`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2020-05-28` - `2021-05-28`	a year	crt.sh
*.adsafety.net R3	`2021-02-08` - `2021-05-09`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.audrte.com Amazon	`2021-01-26` - `2022-02-24`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.id5-sync.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
teads.tv R3	`2021-02-18` - `2021-05-19`	3 months	crt.sh
sync.1dmp.io R3	`2021-03-27` - `2021-06-25`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-03-17` - `2022-04-15`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2020-05-22` - `2021-06-04`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.ochsner.org/coronavirus
Frame ID: 08886B046AC466F8ACF8A8DE7768100B
Requests: 112 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&co=aHR0cHM6Ly93d3cub2Noc25lci5vcmc6NDQz&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=8goxipmyg6q6
Frame ID: 94F5606B80E28DF9E01D22D02085BD76
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&cb=qejcqjw8fn08
Frame ID: 8EC0AD69EC409DF1639480C43B19EF57
Requests: 3 HTTP requests in this frame

Frame: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Frame ID: A57B23FEFCE34EF66012C0C4B2393A7F
Requests: 2 HTTP requests in this frame

Frame: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Frame ID: A5409249D3536C4AC8FF3BA063D2A094
Requests: 2 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1421453%26seg%3D24917055%26t%3D2
Frame ID: 19CE46237509AE20EF2BD897E3F832E1
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/pxl/?adv=xczmexd&ct=0:u6r84y9&fmt=3
Frame ID: 33ECE85770833B61C5D54E6771E73F24
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/pxl/?adv=xczmexd&ct=0:7n4oqcp&fmt=3
Frame ID: E86A1DA730861AE25D1BD6F07E53E8F0
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1280628&uid=1160829444962758288
Frame ID: 4265565A5D40A2983450948F90C2346B
Requests: 1 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=2031136&lid=70034744&ctype=0&media=0&PageName=RT&rnd=1790574974&cpref=&loc=https%3a%2f%2fwww.ochsner.org%2fcoronavirus
Frame ID: 46821764F102BDC5AC221DB181996AE0
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Frame ID: E70C8C375420DCC469FECA0EAA5E0EC4
Requests: 46 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=2031136&lid=70035165&ctype=0&media=0&PageName=NOLA+Brand_Page+Engagement&rnd=1686557761&cpref=&loc=https%3a%2f%2fwww.ochsner.org%2fcoronavirus
Frame ID: B248386394735D19BE3490935C80D06E
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Frame ID: B3E9DFAB44FBD7DF861265B5578B7778
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast () Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

215
Requests

99 %
HTTPS

24 %
IPv6

76
Domains

96
Subdomains

72
IPs

11
Countries

3940 kB
Transfer

8658 kB
Size

8
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://education.ochsner.org/
Title: Education

Search URL Search Domain Scan URL

URL: https://research.ochsner.org/
Title: Research

Search URL Search Domain Scan URL

URL: https://giving.ochsner.org/Views/dp/donate/controller.cfm
Title: Giving

Search URL Search Domain Scan URL

URL: https://doctors.ochsner.org/
Title: Find A Doctor (current)

Search URL Search Domain Scan URL

URL: https://my.ochsner.org/prd

Search URL Search Domain Scan URL

URL: https://my.ochsner.org/PRD/
Title: Login

Search URL Search Domain Scan URL

URL: https://my.ochsner.org/PRD/accesscheck.asp
Title: Signup

Search URL Search Domain Scan URL

URL: https://blog.ochsner.org/
Title: "To Your Health" Blog

Search URL Search Domain Scan URL

URL: https://giving.ochsner.org/
Title: Philanthropy

Search URL Search Domain Scan URL

URL: https://my.ochsner.org/prd/
Title: Login to MyOchsner

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=nUp4FKiOo9Y
Title: controller-play

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ZNoFKmOnKOM
Title: controller-play

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=XF9UL1n4aBk
Title: controller-play

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=QtNZZWLdoeo
Title: controller-play

Search URL Search Domain Scan URL

URL: https://blog.ochsner.org/articles/is-covid-19-a-pandemic-or-endemic
Title: Is COVID-19 a Pandemic or Endemic?

Search URL Search Domain Scan URL

URL: https://blog.ochsner.org/articles/how-covid-hurts-the-brain
Title: How COVID Hurts the Brain

Search URL Search Domain Scan URL

URL: https://blog.ochsner.org/articles/can-eating-healthy-fight-covid-19
Title: Can Eating Healthy Fight COVID-19?

Search URL Search Domain Scan URL

URL: https://blog.ochsner.org/articles/covid-19-vaccine-and-dermal-fillers
Title: COVID-19 Vaccine and Dermal Fillers

Search URL Search Domain Scan URL

URL: https://giving.ochsner.org/Views/dp/donate/controller.cfm?CAMPAIGN=EmployeeAsst_COVID19
Title: Help Support Ochsner Employees right_arrow_circle_icon

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/coronavirus/2019-ncov/index.html
Title: Latest from the CDC right_arrow_circle_icon

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OchsnerHealth
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/OchsnerHealth
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ochsner-health-system-
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ochsnerhealth/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/ochsner
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/ochsnerhealth/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://blog.ochsner.org/tags?tag=patient-stories
Title: Read Patient Stories

Search URL Search Domain Scan URL

URL: https://ochsner.wd1.myworkdayjobs.com/Ochsner
Title: Open Positions

Search URL Search Domain Scan URL

URL: http://webmail.ochsner.org/
Title: Webmail

Search URL Search Domain Scan URL

URL: https://ohslink.ochsner.org/vpn/index.html
Title: OHSLink

Search URL Search Domain Scan URL

URL: http://workday.ochsner.org/
Title: Workday

Search URL Search Domain Scan URL

URL: https://calendar.ochsner.org/
Title: Classes & Events

Search URL Search Domain Scan URL

URL: https://education.ochsner.org/gme
Title: Graduate Medical Education

Search URL Search Domain Scan URL

URL: https://education.ochsner.org/clined
Title: Clinical Medical Education

Search URL Search Domain Scan URL

URL: https://education.ochsner.org/cme
Title: Continuing Medical Education

Search URL Search Domain Scan URL

URL: https://education.ochsner.org/medical-library
Title: Medical Library

Search URL Search Domain Scan URL

URL: https://education.ochsner.org/publishing-services
Title: Publishing Services

Search URL Search Domain Scan URL

URL: https://education.ochsner.org/medical-illustrations
Title: Medical Illustrations

Search URL Search Domain Scan URL

URL: https://research.ochsner.org/clinical-trials/
Title: Clinical Trials

Search URL Search Domain Scan URL

URL: https://research.ochsner.org/applied-health/
Title: Applied Health Services Research

Search URL Search Domain Scan URL

URL: https://research.ochsner.org/clinical-research/
Title: Clinical Research & Trials

Search URL Search Domain Scan URL

URL: https://research.ochsner.org/nursing/
Title: Nursing Research

Search URL Search Domain Scan URL

URL: https://research.ochsner.org/translational/
Title: Translational Research

Search URL Search Domain Scan URL

URL: https://news.ochsner.org/annual-report
Title: Annual Report

Search URL Search Domain Scan URL

URL: https://news.ochsner.org/
Title: News & Media

Search URL Search Domain Scan URL

URL: http://www.elmwoodfitness.com/
Title: Ochsner Fitness Center

Search URL Search Domain Scan URL

URL: http://www.brenthouse.com/
Title: Brent House Hotel

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://ochsner.hrm.healthgrades.com/cdnr/cid3/acton/attachment/16475/f-02ac/1/-/-/-/-/AoProcessForm.js HTTP 302
https://cid3.aocdn.net/acton/attachment/16475/f-02ac/1/-/-/-/-/AoProcessForm.js HTTP 302
https://cid3.actonsoftware.com/acton/blocks/attachmentError.jsp?e=noDoc&a=16475&d=f-02ac

Request Chain 91

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/764376140/?random=510727618&cv=9&fst=1617220974076&num=1&value=0&label=_FKVCIznn-4BEMzovewC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&tiba=Coronavirus%20%7C%20Ochsner%20Health&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=btVkYMuUDNSG-gbx2pqQCw&sscte=1&crd=&eitems=ChEI8LuQgwYQ0tbLjZKet9iZARIdAKPY4fQUVkOdLHEP131Lba0aMEkJRla_XOqiJio HTTP 302
https://www.google.com/pagead/1p-conversion/764376140/?random=510727618&cv=9&fst=1617220974076&num=1&value=0&label=_FKVCIznn-4BEMzovewC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&tiba=Coronavirus%20%7C%20Ochsner%20Health&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=btVkYMuUDNSG-gbx2pqQCw&eitems=ChEI8LuQgwYQ0tbLjZKet9iZARIdAKPY4fSrL6G8TkoJay9mcqbynnAfViV92xDabD4&random=2003333984&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/764376140/?random=510727618&cv=9&fst=1617220974076&num=1&value=0&label=_FKVCIznn-4BEMzovewC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&tiba=Coronavirus%20%7C%20Ochsner%20Health&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=btVkYMuUDNSG-gbx2pqQCw&eitems=ChEI8LuQgwYQ0tbLjZKet9iZARIdAKPY4fSrL6G8TkoJay9mcqbynnAfViV92xDabD4&random=2003333984&resp=GooglemKTybQhCsO&ipr=y

Request Chain 119

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 120

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 121

https://secure.adnxs.com/px?id=1421453&seg=24917055&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1421453%26seg%3D24917055%26t%3D2

Request Chain 124

https://secure.adnxs.com/px?id=1280628&seg=22479586&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu3%3D%26u4%3D%26pixel_id%3D1280628%26uid%3D%24%7BUID%7D&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1280628%26seg%3D22479586%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu3%253D%2526u4%253D%2526pixel_id%253D1280628%2526uid%253D%2524%257BUID%257D%26t%3D2 HTTP 302
https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1280628&uid=1160829444962758288

Request Chain 125

https://a2.adform.net/Serving/TrackPoint/?pm=2031136&ADFPageName=RT&ADFdivider=%7C&ord=540354295668&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2031136&ADFPageName=RT&ADFdivider=%7C&ord=540354295668&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus

Request Chain 127

https://a2.adform.net/Serving/TrackPoint/?pm=2031136&ADFPageName=NOLA%20Brand_Page%20Engagement&ADFdivider=%7C&ord=244261939297&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2031136&ADFPageName=NOLA%20Brand_Page%20Engagement&ADFdivider=%7C&ord=244261939297&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus

Request Chain 133

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6578811291406717429&Expiration=1618430580 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6578811291406717429&Expiration=1618430580

Request Chain 136

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6578811291406717429&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6578811291406717429&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=49029f4fd8364eddbbc0617d147298fb HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=07f89a892f4cb391566c12bff09ee0e5743c9b3975b3c7160f9cc52cc4d44426

Request Chain 137

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6578811291406717429&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=7908988310733984587

Request Chain 138

https://pixel.advertising.com/ups/55944/sync?uid=6578811291406717429&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=6578811291406717429&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6578811291406717429&_origin=1&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6578811291406717429&_origin=1&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42&verify=true

Request Chain 141

https://x.bidswitch.net/sync?dsp_id=70&user_id=6578811291406717429 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6578811291406717429 HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=3088094a-c2cf-4626-8862-ab1453a531f3&_origin=1&gdpr=&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=3088094a-c2cf-4626-8862-ab1453a531f3&_origin=1&gdpr=&gdpr_consent=&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42 HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=3088094a-c2cf-4626-8862-ab1453a531f3&_origin=1&gdpr=&gdpr_consent=&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42&verify=true

Request Chain 142

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6578811291406717429&expiration=1618430580 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6578811291406717429&expiration=1618430580&C=1

Request Chain 143

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6578811291406717429&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6578811291406717429&sInitiator=external HTTP 302
https://sync.sharethis.com/semasio?uid=A6334ED2AB8D3001&gdpr=&gdpr_consent=&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D HTTP 301
https://l.sharethis.mgr.consensu.org/rd?rurl=https%3A%2F%2Fsync.sharethis.com%2Fsemasio%3Fgdpr%3D%26gdpr_consent%3D%26rd%3D0%26rurl%3Dhttps%253A%252F%252Fuipglob.semasio.net%252Fsharethis%252F1%252Finfo%253FsType%253Dsync%2526sInitiator%253Dinternal%2526sExtCookieId%253D%26uid%3DA6334ED2AB8D3001 HTTP 302
https://sync.sharethis.com/semasio?gdpr=&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=A6334ED2AB8D3001

Request Chain 146

https://idsync.rlcdn.com/398366.gif?partner_uid=6578811291406717429 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNjU3ODgxMTI5MTQwNjcxNzQyORAAGg0I9KqTgwYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH6k0a_SWUQCKxVVvx1PTFs&google_cver=1

Request Chain 147

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6578811291406717429 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6578811291406717429

Request Chain 149

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6578811291406717429 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6578811291406717429

Request Chain 150

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjU3ODgxMTI5MTQwNjcxNzQyOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NjU3ODgxMTI5MTQwNjcxNzQyOQ&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHt-GsiYdqtot_RcbbpKulk&google_cver=1&google_ula=1641347,0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHt-GsiYdqtot_RcbbpKulk&google_cver=1&google_ula=1641347,0

Request Chain 156

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=1483669026971755489&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=5328706582315970934

Request Chain 159

https://a.audrte.com/a?adform_uid=6578811291406717429 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19 HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&google_gid=CAESEE4DnhNnvWYriCA42RNdzyI&google_cver=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=g7fJPFhR8ElQLi2TGEe5GEsNQ&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D HTTP 302
https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 160

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6578811291406717429&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6578811291406717429&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=78524647244521337980564930904862019553&noredirect=1

Request Chain 161

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6578811291406717429 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010203742001362431

Request Chain 162

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6945911228109093004

Request Chain 164

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=23aa6064-d575-4e00-bed1-d15116a946f6

Request Chain 165

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=uByTF2ov1LrH3n5

Request Chain 166

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bc6ad02b-818d-4b78-9ebb-70e5d4cbb11c

Request Chain 168

https://id5-sync.com/s/10/0.gif?puid=6578811291406717429 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=6578811291406717429&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOT6QIoTAlgzdbTHgnoZ7YDm_5XI07Q-FJe7k3qg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOT6QIoTAlgzdbTHgnoZ7YDm_5XI07Q-FJe7k3qg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=7d4225f5-2ac5-4593-945c-d8444edfabbe&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F10%2F112%2F0%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/10/112/0/3.gif?puid=863354B62BE920E5&gdpr=1&gdpr_consent=

Request Chain 169

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=200950015 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EH9U6OaiyiNct6Eu6oyyEu

Request Chain 171

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6578811291406717429 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6578811291406717429&cs=1

Request Chain 173

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=6578811291406717429&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=6578811291406717429&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=1a06c572-925c-11eb-b1dc-1e8716ff73cc

Request Chain 178

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5328706582315970934&Expiration=1618430580 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5328706582315970934&Expiration=1618430580

Request Chain 181

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5328706582315970934&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5328706582315970934&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=48df641dc8cc4146ab93e0e998b28d1b HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=07f89a892f4cb391566c12bff09ee0e5743c9b3975b3c7160f9cc52cc4d44426

Request Chain 182

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5328706582315970934&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=3250148726832108531

Request Chain 183

https://pixel.advertising.com/ups/55944/sync?uid=5328706582315970934&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=5328706582315970934&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5328706582315970934&_origin=1&apid=UP181be658-925c-11eb-9809-06bd269667d6 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5328706582315970934&_origin=1&apid=UP181be658-925c-11eb-9809-06bd269667d6&verify=true

Request Chain 186

https://x.bidswitch.net/sync?dsp_id=70&user_id=5328706582315970934 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5328706582315970934 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=3088094a-c2cf-4626-8862-ab1453a531f3&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=3088094a-c2cf-4626-8862-ab1453a531f3&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 187

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5328706582315970934&expiration=1618430580 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5328706582315970934&expiration=1618430580&C=1

Request Chain 188

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5328706582315970934&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5328706582315970934&sInitiator=external HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=f0121c39-bc29-486c-a3cc-bce08d1e2549 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=ODYzMzU0QjYyQkU5MjBFNQ&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESENe_LBkJ0njND2aT5DHpI9E&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1 HTTP 302
https://redirect.userreport.com/cs/1/863354B62BE920E5&gdpr_consent= HTTP 301
https://uip.semasio.net/userreport/1/info

Request Chain 191

https://idsync.rlcdn.com/398366.gif?partner_uid=5328706582315970934 HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=53b319ba-27ec-4cae-91d4-03514bb208d5

Request Chain 192

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5328706582315970934 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5328706582315970934

Request Chain 194

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5328706582315970934 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5328706582315970934

Request Chain 195

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTMyODcwNjU4MjMxNTk3MDkzNA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NTMyODcwNjU4MjMxNTk3MDkzNA&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGSAi6ebOAHvLCbQnZNNnUw&google_cver=1&google_ula=1641347,0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGSAi6ebOAHvLCbQnZNNnUw&google_cver=1&google_ula=1641347,0

Request Chain 201

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=1483669026971755489&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=5328706582315970934

Request Chain 204

https://a.audrte.com/a?adform_uid=5328706582315970934 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19 HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&google_gid=CAESEE4DnhNnvWYriCA42RNdzyI&google_cver=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=g7fJPFhR8ElQLi2TGEe5GEsNQ&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D HTTP 302
https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 205

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5328706582315970934&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5328706582315970934&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=28847562499556174912693410000634605597&noredirect=1

Request Chain 206

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5328706582315970934 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010303742001362986

Request Chain 207

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6945911228106930316

Request Chain 209

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=1ef06064-d575-4e00-8953-a37e15341788

Request Chain 210

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=d8ipdPML1LrH3n5

Request Chain 211

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bc6ad02b-818d-4b78-9ebb-70e5d4cbb11c

Request Chain 213

https://id5-sync.com/s/10/0.gif?puid=5328706582315970934 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=5328706582315970934&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOvUBnR10_h092Q9lUfvcpcnNHYVczcw-c3EIOYA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=7d4225f5-2ac5-4593-945c-d8444edfabbe&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F10%2F112%2F0%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F10%2F112%2F0%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/10/112/0/3.gif?puid=863354B62BE920E5&gdpr=1&gdpr_consent=

Request Chain 214

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=526896213 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EH9U6OaiyiNct6Eu6oyyEu

Request Chain 216

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5328706582315970934 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5328706582315970934&cs=1

Request Chain 218

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5328706582315970934&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5328706582315970934&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=1a06c572-925c-11eb-b1dc-1e8716ff73cc

Request Chain 220

https://eb2.3lift.com/xuid?mid=7354&xuid=5328706582315970934&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5328706582315970934&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

215 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request coronavirus Show response
www.ochsner.org/ 234 KB
47 KB 510ms
134ms Document
text/html 50.57.30.83
RACKSPACE

General

Check archive.org

Download Go to

Full URL

https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.57.30.83 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

40ba2553e8ec6ec5c3579014facd7470efb4bcde92b519d0a99e63e807600c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.ochsner.org
:scheme: https
:path: /coronavirus
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Wed, 31 Mar 2021 20:02:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 19ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:300,300i,400,400i,500,500i

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0fb2cade5ef3f0b42f63af9112eee43eaeaa2270554cdbf1572565b99876c870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 20:02:52 GMT
server: ESF
date: Wed, 31 Mar 2021 20:02:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Mar 2021 20:02:52 GMT

GET
H2 200 www.min.css
www.ochsner.org/assets/css/www/ 693 KB
106 KB 198ms
195ms Stylesheet
text/css 50.57.30.83
RACKSPACE

General

Check archive.org

Download Go to

Full URL

https://www.ochsner.org/assets/css/www/www.min.css

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.57.30.83 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

9b2a6655a07666de3d487217b96021ce748dce75d5970f01a5a035674fdd3a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/coronavirus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 22:27:08 GMT
server: nginx
etag: W/"6062543c-ad384"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 54ms
51ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Origin: https://www.ochsner.org
Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:52 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 ytag.min.js Show response
assets.sitescdn.net/ytag/ 4 KB
2 KB 33ms
15ms Script
application/javascript 2606:4700::6812:7034
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://assets.sitescdn.net/ytag/ytag.min.js
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:7034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83086651813df72cf35509ce807167b88e3bcbcec1c270c5753032bb1b5aa688

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Jul 2020 19:55:40 GMT
server: cloudflare
age: 3213
etag: W/"d966d111f3d662c6ca50a7ba5f692eba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: uY1MA6j8LmLPIgCZ3y/OddUNKDhG929IlChrpguaJ1TVbANJheFIuD3q1R1Rx5PvWHG3F4I2kyA=
content-type: application/javascript
cf-ray: 638c2d8bba0c05d4-FRA
x-amz-request-id: 9563A20F15B12186
cf-request-id: 092b7acb53000005d4b31a7000000001

GET
H2 200 cookieconsent.min.css
wpcc.io/lib/1.0.2/ 4 KB
2 KB 994ms
122ms Stylesheet
text/css 68.183.157.211
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL

https://wpcc.io/lib/1.0.2/cookieconsent.min.css

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.183.157.211 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

server1.wpcc.io

Software

nginx /

Resource Hash

119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:53 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Apr 2019 15:44:29 GMT
server: nginx
etag: W/"5ca777dd-fbe"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000, no-cache, public, must-revalidate, proxy-revalidate
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Fri, 30 Apr 2021 20:02:53 GMT

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
1016 B 101ms
29ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 06d19fb03f2f83e9d41666d24733926bd775affa9842df34c6d2628f3762d863

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 31 Mar 2021 20:02:52 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-77-nzt-ray: 2ySHTGHFf5I=
age: 53
x-77-cache: HIT
x-cache: HIT
x-age: 972
content-encoding: br
x-77-nzt: AcO1rzLjiVHvzAMAAA==
last-modified: Wed, 31 Mar 2021 14:36:55 GMT
server: CDN77-Turbo
etag: W/"7395568191e63b0bbb73a46e6f82ea99"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: H9KYwyeQos0bkm5UCr3iFOOutb0o0bhdRJiSjW--rfi16SWczA6vPA==

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 407 B
664 B 10ms
7ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bfc7f9e6335076fcfa947934b08a65a22809ea20f7f57246f88066d379ead8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 4210287
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 202
referrer-policy: origin-when-cross-origin
last-modified: Wed, 10 Feb 2021 08:52:10 GMT
date: Wed, 31 Mar 2021 20:02:52 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 redactorCustom.css
www.ochsner.org/cpresources/1eca781a/css/ 1 KB
692 B 292ms
290ms Stylesheet
text/css 50.57.30.83
RACKSPACE

General

Check archive.org

Download Go to

Full URL

https://www.ochsner.org/cpresources/1eca781a/css/redactorCustom.css

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.57.30.83 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

2628545b0e542fd74b1e90b69ca67ad502078e1d456003950d9b825ad2d1e7af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/coronavirus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 18:17:51 GMT
server: nginx
etag: W/"5f51334f-59b"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700,900|Roboto:300,400,500,700,900

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

829b2d54ac743aa5c07500c3bcce7497ecfc406f14ff264246f96f92a91cc16e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 20:02:52 GMT
server: ESF
date: Wed, 31 Mar 2021 20:02:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Mar 2021 20:02:52 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
643 B 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Wed, 31 Mar 2021 20:02:52 GMT

GET
H/1.1 200
OK logo-ochsner-pos.svg
s3.us-east-2.amazonaws.com/ochnser-core/brand/ 3 KB
3 KB 561ms
143ms Image
image/svg+xml 52.219.102.161
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/ochnser-core/brand/logo-ochsner-pos.svg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.102.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 18bb938736ae12accffe1c3ddd8d5a542fe154f8be929761a32cdadffb4aa1c3

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:54 GMT
Last-Modified: Tue, 01 May 2018 20:09:20 GMT
Server: AmazonS3
x-amz-request-id: CH6HKHVYAGVQ8TPY
ETag: "db5b9adb42a7cc676d57bab083759278"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 3072
x-amz-id-2: zQ7khU0vjfaPvkM4ZmdvWtZphDNXgV03jYLnW/ISWKixueZXW/hA9/hbzZS1Y0Ddcqh4GPl8BoE=

GET
H2 200 www.bundle.js Show response
www.ochsner.org/assets/js/www/ 706 KB
208 KB 139ms
138ms Script
application/javascript 50.57.30.83
RACKSPACE

General

Check archive.org

Download Go to

Full URL

https://www.ochsner.org/assets/js/www/www.bundle.js

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.57.30.83 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

38e18d309ab55773c6c6f894767e923d1b028585bf390b2917008f6aa71fd489

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/coronavirus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 22:27:08 GMT
server: nginx
etag: W/"6062543c-b0929"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 client.bundle.js Show response
guide.loyalhealth.com/client/ 760 KB
184 KB 633ms
157ms Script
application/javascript 40.74.227.172
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://guide.loyalhealth.com/client/client.bundle.js

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.74.227.172 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

dea8baa3c053af7a09febb9d011375809627515330d62d546d0e6782700c4b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:53 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 14:14:04 GMT
server: nginx
etag: W/"605c9aac-be103"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/449490303/1a57c8fb3d6158dd59a7/12/ 34 KB
11 KB 499ms
232ms Script
text/javascript 54.174.92.145
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://cdn.callrail.com/companies/449490303/1a57c8fb3d6158dd59a7/12/swap.js
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.92.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-92-145.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b361862dc7d88a5aad8b463bbb80f6c79b8b57453a6d45746b20caedc4914a0e

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.011348
date: Wed, 31 Mar 2021 20:02:53 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"b361862dc7d88a5aad8b463bbb80f6c7"
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-request-id: ca46f65b-83c5-4dd4-a70f-854572fd6140

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 295 KB
62 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KD3S3M7

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ecf674c21a37d0fc22d9669f7eb3eede7209329237a5d3fe1964ad8dba3c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63740
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 18:30:14 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Mar 2021 20:02:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
40 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53CWQBB

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6472a995ce7200167b8d58baeefa34f4ce22e4765c3009dcd41397690a95dea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41060
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 18:30:14 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Mar 2021 20:02:53 GMT

GET
H2 200 widget_app_base_1617201358721.js Show response
cdn.userway.org/widgetapp/2021-03-31/ 90 KB
24 KB 101ms
99ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Download Go to

Full URL: https://cdn.userway.org/widgetapp/2021-03-31/widget_app_base_1617201358721.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e75cf8738e00c781fa7d2f4ae1131bc645ed8333e1f937e4280b43e07043fb28

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 31 Mar 2021 20:02:53 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-77-nzt-ray: xfd3dueU7gI=
age: 39
x-77-cache: HIT
x-cache: HIT
x-age: 19503
content-encoding: br
x-77-nzt: AcO1rzKY4xbvL0wAAA==
last-modified: Wed, 31 Mar 2021 14:36:54 GMT
server: CDN77-Turbo
etag: W/"9a819f14a5639cef00b357d2ccb8981e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: MLQsiKeMjgbDVWN7A7Ru-2n237dWgCgoU1cabs1I1fXaYbnv1yaLvQ==

GET
H2 200 search-insights@1.0.0 Show response
cdn.jsdelivr.net/npm/ 17 KB
6 KB 10ms
8ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/search-insights@1.0.0

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

42b47120f264ade6a4649dd2fd051ac4ceefce4baef02ef40ee2d51115d964fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4309420
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5386
etag: W/"421c-QkYVgBVr6xzZYtchzo6kB2McB4A"
x-served-by: cache-fra19138-FRA
date: Wed, 31 Mar 2021 20:02:53 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 671d5009781a2b2b209d698d5d0c90df110a51486a7885c035deef550766924c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc32c38f67e11089aed298bbfe7ca99ba92986a167f380140de3e3a7be7ae5c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccf3b9e49126ed5bd913ae356297c9f2dc83f9943ce797d715b31332313f3da5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 889 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cd670ed7981f2f20d8a9f2c3a01a399fd88b3ba519f07e3099ddf9ff848a027

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 904 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3889fb67c1326dc277e2e1ffabd384c8034e4489310d6d15b322677ebfecefe6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3c2745ff2967c7e7d4714b5518d7e54321b6a016e1051032ffd13248f045350

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 494 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9867478c7039be7b1a12e71cb79fd95b54cfc8e094acf30375e4088e9d747020

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:300,300i,400,400i,500,500i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 08:14:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 474484
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Sat, 26 Mar 2022 08:14:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700,900|Roboto:300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 02:06:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:03 GMT
server: sffe
age: 496557
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19272
x-xss-protection: 0
expires: Sat, 26 Mar 2022 02:06:56 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700,900|Roboto:300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 07:37:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:19 GMT
server: sffe
age: 563121
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18988
x-xss-protection: 0
expires: Fri, 25 Mar 2022 07:37:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:300,300i,400,400i,500,500i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 22:46:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 76580
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Wed, 30 Mar 2022 22:46:33 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:300,300i,400,400i,500,500i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:20:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 394926
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Sun, 27 Mar 2022 06:20:47 GMT

GET
H2 200 polyfill.js
cdn.polyfill.io/v2/ 407 B
251 B 8ms
7ms Other
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bfc7f9e6335076fcfa947934b08a65a22809ea20f7f57246f88066d379ead8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 4210288
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 202
referrer-policy: origin-when-cross-origin
last-modified: Wed, 10 Feb 2021 08:52:10 GMT
date: Wed, 31 Mar 2021 20:02:53 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c40532c7250be139c691dba1720c741378505a33f032aacaf0b3fd1ec352e212

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 616f254eefb72b52fbfe3554338f9d877a3ae32389c35c659457018a11b490b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK subtle_dots_darker.png
s3.us-east-2.amazonaws.com/ochnser-core/bg/ 1 KB
1 KB 557ms
146ms Image
image/png 52.219.102.161
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/ochnser-core/bg/subtle_dots_darker.png
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/assets/css/www/www.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.102.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: b2b4195f7c7517a3d2a10ef60a96ff4621c138aa241cf3792832e2c2abbd335f

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:54 GMT
Last-Modified: Fri, 29 Jun 2018 21:07:45 GMT
Server: AmazonS3
x-amz-request-id: CH6SDG6PQ29PKZET
ETag: "4fced526e47b354ced042978411cc34d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1049
x-amz-id-2: pcn83be7Zr4Gb89mlwJ/vgT4Qz8JKNf2c7z/ui7MQIcWT+54Dk07vXcfjHoVRbXZLNh5Tudzx60=

GET
H/1.1 200
OK Doctor-looking-at-vaccine-3bff20afe8.jpg
ochsner-craft.s3.amazonaws.com/imager/blogarticleimages/1412704/ 70 KB
70 KB 542ms
161ms Image
image/jpeg 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/blogarticleimages/1412704/Doctor-looking-at-vaccine-3bff20afe8.jpg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f2a3e549556b14b6adcf68cdaa9c50e16a8a6bf0bd94dbec6eb4a3557bbb5693

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:54 GMT
Last-Modified: Thu, 18 Mar 2021 17:25:10 GMT
Server: AmazonS3
x-amz-request-id: CH6GBQQ0K69NEQFS
ETag: "c5f7df81abec68824087a339f1a26dbc"
Content-Type: image/jpeg
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 71540
x-amz-id-2: BtnhqxyNipF7veJtU9YoULzMo2wM8g5950hN2OJ8F5yt7Pq86+Nh4VZT5L0yTUVhDy/LcYhHyDA=

GET
H/1.1 200
OK Patient-with-Brain-Doctor-3bff20afe8.jpg
ochsner-craft.s3.amazonaws.com/imager/blogarticleimages/1529445/ 88 KB
88 KB 542ms
154ms Image
image/jpeg 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/blogarticleimages/1529445/Patient-with-Brain-Doctor-3bff20afe8.jpg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 914d0e6612ff0e69710ac2cebae2e92c39ee34ad1195f6d536869bc5045307af

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:54 GMT
Last-Modified: Thu, 18 Mar 2021 05:00:29 GMT
Server: AmazonS3
x-amz-request-id: CH6VX5CYQX1DA68T
ETag: "cc8a67bff8dc93adedeb42a59690409e"
Content-Type: image/jpeg
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 89958
x-amz-id-2: g5oafKD41TiVb81qurJz50RKj83VSTmdIm4isqLpz8puQxqB3TsBe0MpUL+q2NIELQflyoAh8E4=

GET
H/1.1 200
OK Salad-Bowl-3bff20afe8.jpg
ochsner-craft.s3.amazonaws.com/imager/blogarticleimages/1519715/ 73 KB
73 KB 555ms
167ms Image
image/jpeg 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/blogarticleimages/1519715/Salad-Bowl-3bff20afe8.jpg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b95dba2c2d48682d8faf81f358cdc56cfdcd0b7ffee6fc894287dd1e5c2b1c6

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:54 GMT
Last-Modified: Thu, 18 Mar 2021 05:00:30 GMT
Server: AmazonS3
x-amz-request-id: CH6MD2J15A2EG0XF
ETag: "f391f76cb79087a1d83484f90b0529d5"
Content-Type: image/jpeg
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 74795
x-amz-id-2: 8i7YxqbjqugQAl7f/g4TaylopxYBUyLuBErVaUI+f6dUCQ0ojsDN8xsBZdF2c4DUNSOBAmxKPX8=

GET
H/1.1 200
OK dermal-fillers-covid-19-vaccine-woman-looking-in-mirror-3bff20afe8.jpg
ochsner-craft.s3.amazonaws.com/imager/blogarticleimages/1519382/ 202 KB
202 KB 541ms
152ms Image
image/jpeg 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/blogarticleimages/1519382/dermal-fillers-covid-19-vaccine-woman-looking-in-mirror-3bff20afe8.jpg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b714a6bfa8253e9c82117a8798778f799f2748f2be99d696da01ab237a8c7d64

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:54 GMT
Last-Modified: Thu, 18 Mar 2021 05:00:35 GMT
Server: AmazonS3
x-amz-request-id: CH6QPEDZWY42WTKM
ETag: "4f94212707cbe13f284a1763f683c2d2"
Content-Type: image/jpeg
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 206896
x-amz-id-2: QvnUdhVxj/jUkEc4Wz/er5Mn5AR/5kn6t5SZNFtisWC2F24HQtRO/ppJwsqV2N6hTIebZ1b/8p4=

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 19ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:300,300i,400,400i,500,500i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 02:34:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 581287
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Fri, 25 Mar 2022 02:34:46 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700,900|Roboto:300,400,500,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:37:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 102321
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:37:32 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_ZpC3gfD_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 17 KB
17 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gfD_u50.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700,900|Roboto:300,400,500,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1889994acccfac3f2bfa912b8f3dc3cc3389fcccafd049c612ce8ed5b3577cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:15:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:04 GMT
server: sffe
age: 103619
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17024
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:15:54 GMT

GET
H/1.1 200
OK Physician-holding-Testing-Tube_200610_214731-e5ce73b581.jpg
ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1069046/ 49 KB
49 KB 1152ms
167ms Image
image/jpeg 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1069046/Physician-holding-Testing-Tube_200610_214731-e5ce73b581.jpg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 99b90ef1cedfd3cf58db1e2c11d1f30ebcae075fcc725e70072baae5f069c093

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:55 GMT
Last-Modified: Sun, 28 Mar 2021 17:55:55 GMT
Server: AmazonS3
x-amz-request-id: 8ACNQNPQ16WNH1F0
ETag: "4a56b6615536ff04639948ec8c04dc67"
Content-Type: image/jpeg
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 49978
x-amz-id-2: M/DPqkGlDU0YXeGsZ99zPc0t6usr19yYzv+sXKtnjo7RWGS87TEtdqTWN2p9xdBflkU7hKyE5jc=

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ 332 KB
130 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 09:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36327
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132755
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Mar 2022 09:57:26 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66fe79e0b61dab31119367247dc1f39b339ea58556f307f1d64f2ba2f52f8fd9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_ZpC3gbD_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 6 KB
7 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gbD_u50.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700,900|Roboto:300,400,500,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311df1df5293d0d3de226f460e35a8f60326a6266e6103da0032895b30d04f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 22:47:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:09 GMT
server: sffe
age: 76516
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6616
x-xss-protection: 0
expires: Wed, 30 Mar 2022 22:47:37 GMT

GET
H2 200 patient Show response
www.ochsner.org/promo-carousel/911111/ 1 KB
744 B 727ms
727ms XHR
application/json 50.57.30.83
RACKSPACE

General

Check archive.org

Download Go to

Full URL

https://www.ochsner.org/promo-carousel/911111/patient

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/assets/js/www/www.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.57.30.83 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

nginx / Craft CMS

Resource Hash

c77a37633650da45a826fd35f027c8fd591c657161425c91972ba54ee992c90e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ochsner.org/coronavirus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-powered-by: Craft CMS
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

GET
H2 200 patient Show response
www.ochsner.org/promo-grid/911111/ 2 B
169 B 718ms
718ms XHR
application/json 50.57.30.83
RACKSPACE

General

Check archive.org

Download Go to

Full URL

https://www.ochsner.org/promo-grid/911111/patient

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/assets/js/www/www.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.57.30.83 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

nginx / Craft CMS

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ochsner.org/coronavirus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-powered-by: Craft CMS
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c82d1795803cbbe1abcd2c05e60aee240f60c4d9907a5976e5484a180b5c9adf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53CWQBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 6466
date: Wed, 31 Mar 2021 18:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Wed, 31 Mar 2021 20:15:07 GMT

GET
H2 200 t503im7zs.js Show response
cdn.krxd.net/controltag/ 13 KB
5 KB 121ms
38ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.krxd.net/controltag/t503im7zs.js
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dc01de7ef4637a56ef0c1e7e869abd0e9134d9dde4941a68bd808326ba542fbf

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 31 Mar 2021 20:02:53 GMT
via: 1.1 varnish, 1.1 varnish
age: 211
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4265
x-served-by: config-service-a001-ash-prod.krxd.net, cache-bwi5144-BWI, cache-hhn4082-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1617220974.852230,VS0,VE1
etag: "951790fa150127ac54a781c3ac21acd5ad186467"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/ochsner/engage/scripts/ 141 KB
37 KB 87ms
25ms Script
application/javascript 151.101.192.114
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.evgnet.com/beacon/ochsner/engage/scripts/evergage.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53CWQBB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c591c89e1fa8e0b41f6c37ccbb0250cdded0970176a26177cc1502af66fa171

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hV8cA1IcArV_Nj7jNFll84a7NZZTZ34U
content-encoding: gzip
etag: "31b3bb245db51cba6998170c678494d9"
timing-allow-origin: *
age: 59
x-cache: HIT, HIT
x-amz-replication-status: PENDING
content-length: 36930
x-amz-id-2: QJ5rw2KbmWQ4E1HZHPpeeOHU+uxGpYpo/z5EtHVrQ4rXAhwebHtsptT1dqwAnj3sOv46KOzJRSk=
x-served-by: cache-dca17749-DCA, cache-cph20639-CPH
x-amz-meta-evergage-sum: 5dba7a2adfbbb60a966ccba00a2dbf2d9abfc29c
last-modified: Thu, 25 Mar 2021 19:51:05 GMT
server: AmazonS3
x-timer: S1617220974.822556,VS0,VE1
date: Wed, 31 Mar 2021 20:02:53 GMT
vary: Accept-Encoding
x-amz-request-id: B4DW47K91V0NKTPX
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=120
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 1, 1

GET
H2 200 siteanalyze_69024.js Show response
siteimproveanalytics.com/js/ 24 KB
9 KB 38ms
14ms Script
application/javascript 2606:4700:e6::ac40:c418
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_69024.js
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c418 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f976ca34dbfaf0d7dff3395aff9729ad95d21065ba1618d22386e2b6eb7d4eef

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:53 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2098
cf-ray: 638c2d8e29622c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8351
x-amz-id-2: qdpvhIhR0vcG6l2blTPoWRX5oZtQ9zqG0jVvORXucOQ6uNf5wlN8GguvyNAcYpkh5Yo3NMMK8tg=
last-modified: Wed, 31 Mar 2021 17:27:43 GMT
server: cloudflare
etag: "f4d4e339472376c50cc23db3ce83b721"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Db7ixrUu8sAc1uqQSny886mQROevVpPsK2L%2BTJ3Up0uoeleKnNR%2F7QmtI%2BMcuzGPLfGCZmKudlZtcY6W9RUDyTufp6ka7FRYhhfQz2tuksprvuLgDCLuF8Z%2FtxlcspvKknGc4UM%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-request-id: Z628XSB245JP8ZMQ
cache-control: max-age=86400, no-transform
cf-request-id: 092b7accd600002c4ec128e000000001
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 10ms
8ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD3S3M7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:53 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 07 Apr 2021 20:02:53 GMT

GET
H2 200 1575.js Show response
script.crazyegg.com/pages/scripts/0049/ 4 KB
2 KB 45ms
19ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0049/1575.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD3S3M7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f8a51dc546a65143dc002ae1c3ee5c3b1581e1d98361e0ac6243d7b3c9b25d

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 14353
cf-polished: origSize=4157
ce-version: 11.1.266
cf-request-id: 092b7acd0a00004e382da9f000000001
timing-allow-origin: *
last-modified: Wed, 31 Mar 2021 16:03:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 638c2d8e7dad4e38-FRA
cf-bgj: minify

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 189ms
75ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD3S3M7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

29d92ac472601822dcce42088f2554ba36e11287d5db9e199a3b7646ad89eeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13738
x-xss-protection: 0
server: cafe
etag: 7361881915483951561
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Mar 2021 20:02:54 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 47ms
32ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1965275-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD3S3M7

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fa1e63b3259c92a003ff760e6d77d05488925aab079eb8c2d38216a89378cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39147
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 18:30:14 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Mar 2021 20:02:53 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 2051ms
555ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD3S3M7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:55 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=607
accept-ranges: bytes
content-length: 15848

GET
H/1.1

200
OK

attachmentError.jsp Show response
cid3.actonsoftware.com/acton/blocks/
Redirect Chain

https://ochsner.hrm.healthgrades.com/cdnr/cid3/acton/attachment/16475/f-02ac/1/-/-/-/-/AoProcessForm.js
https://cid3.aocdn.net/acton/attachment/16475/f-02ac/1/-/-/-/-/AoProcessForm.js
https://cid3.actonsoftware.com/acton/blocks/attachmentError.jsp?e=noDoc&a=16475&d=f-02ac

0
0

760ms
268ms

Script
text/html

207.189.124.124
ASN-VINS

General

Check archive.org

Download Go to

Full URL: https://cid3.actonsoftware.com/acton/blocks/attachmentError.jsp?e=noDoc&a=16475&d=f-02ac
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.189.124.124 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 30 Mar 2021 21:25:45 GMT
via: 1.1 daa2f44af77ac5ed09ff4b0024dfcd5d.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
age: 81429
x-cache: Hit from cloudfront
location: https://cid3.actonsoftware.com/acton/blocks/attachmentError.jsp?e=noDoc&a=16475&d=f-02ac
x-amz-cf-pop: FRA56-C2
content-length: 0
x-amz-cf-id: KUV11bx_tCi60zphcmPSruKJyVNBKhg5TBZWYGt0b-r_zSVRxU6YEg==

GET
H/1.1 200
OK edp-capture.min.js Show response
s3.amazonaws.com/cos-cdn/UTM+Tools/ 4 KB
5 KB 578ms
168ms Script
application/javascript 52.217.0.85
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://s3.amazonaws.com/cos-cdn/UTM+Tools/edp-capture.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD3S3M7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.0.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5cdb58e2ef9f9e37e54c6e3734cbcef2f21d5ade1d05f6beaa2759762d737cdf

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:55 GMT
Last-Modified: Tue, 24 Mar 2020 18:18:04 GMT
Server: AmazonS3
x-amz-request-id: 8ACHT9MAE2VH8D2M
ETag: "667564eb2519729c62e5bf78ecabf5f6"
Content-Type: application/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 4246
x-amz-id-2: Q1vqDVBUApC7lq79wlUtH7wo1ctPE3MTqJXSAJ7NIxD43xzFEckNWrw63R73HutArqPUUDR0i/c=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: PO375uD8I0KOJrW69iz+aYuWyPATPLjCFpBVAc4cACxpEmTDfsB6639dNEl/Jug96KR2fA+T6lxIx/8yZn5N+w==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Wed, 31 Mar 2021 20:02:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 NKOHowPNgF Show response
api.userway.org/api/tunings/ 721 B
775 B 639ms
228ms XHR
application/json 52.25.5.245
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://api.userway.org/api/tunings/NKOHowPNgF
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2021-03-31/widget_app_base_1617201358721.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.5.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-5-245.us-west-2.compute.amazonaws.com
Software: _ / Express
Resource Hash: 2555cd7bed0d9edd14bcfd13455fb9d770b2fab19f5f2b0777bd5943bb2a4d28

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
etag: W/"2d1-d61shmzh13t4WgzBMchl2ZC2kh0"
server: _
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-headers: Authorization,Origin,X-Requested-With,Content-Type,Accept,Cache-Control,If-Modified-Since,Pragma,X-Auth-Language,X-Auth-Token,X-Spl-Token
expires: Wed, 31 Mar 2021 20:02:54 GMT

GET
H2 200 emergency.json Show response
www.ochsner.org/ 1 KB
1 KB 492ms
492ms XHR
application/json 50.57.30.83
RACKSPACE

General

Check archive.org

Download Go to

Full URL

https://www.ochsner.org/emergency.json

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/assets/js/www/www.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.57.30.83 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

nginx / Craft CMS

Resource Hash

046aab396a1b7731f7af43c9de3105941c143964f6be8b4823592f3beb99e760

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ochsner.org/coronavirus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-powered-by: Craft CMS
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 94F5 20 KB
11 KB 26ms
26ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&co=aHR0cHM6Ly93d3cub2Noc25lci5vcmc6NDQz&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=8goxipmyg6q6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

624d5963ca72f268711831944d1558a6fe04c973a30c3f73910e2b644eaaa180

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zPG+I61H0Di60EullzxlSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&co=aHR0cHM6Ly93d3cub2Noc25lci5vcmc6NDQz&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=8goxipmyg6q6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ochsner.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ochsner.org/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 31 Mar 2021 20:02:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-zPG+I61H0Di60EullzxlSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10943
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=458404047&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&ul=en-us&de=UTF-8&dt=Coronavirus%20%7C%20Ochsner%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1215429924&gjid=1053328859&cid=956356855.1617220974&tid=UA-1965275-40&_gid=1171194934.1617220974&_r=1&gtm=2wg3o053CWQBB&z=1101852907

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ochsner.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Deborah_Ford_Vaccine_2021-03-03-185043-3bff20afe8.jpg
ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1531513/ 17 KB
17 KB 559ms
168ms Image
image/jpeg 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1531513/Deborah_Ford_Vaccine_2021-03-03-185043-3bff20afe8.jpg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdd9967d7009963e5f472f943029a9beb031da5c6c9ae62faa026334f3827666

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:55 GMT
Last-Modified: Thu, 18 Mar 2021 05:00:27 GMT
Server: AmazonS3
x-amz-request-id: 8ACKCT0CKBBJNSJN
ETag: "7e5f2d41b88e1426d641869ce83080e4"
Content-Type: image/jpeg
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 17170
x-amz-id-2: 5NkhStO6eXrQSbErc4rITijXJWb/ORpeO++gmZcJAzPLIIR0jYCf45Bcdpc7hT3Vk4TvomeaYDU=

GET
H/1.1 200
OK Nnedu-3bff20afe8.jpg
ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1531514/ 77 KB
77 KB 716ms
154ms Image
image/jpeg 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1531514/Nnedu-3bff20afe8.jpg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b31c3f08645c32aec8aa5980b25d8ef49ede32fa96164f287bc8ee47587db59a

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:55 GMT
Last-Modified: Thu, 18 Mar 2021 05:00:27 GMT
Server: AmazonS3
x-amz-request-id: 8ACM3SWWXMZ1DRD1
ETag: "5fe35a4036630022e84362a59fb57491"
Content-Type: image/jpeg
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 78950
x-amz-id-2: iAIEe30PZgZgcEzZ5wJLTHfzxjCU9EaZCsHbzpD71ua5JtrH2slq75g3aC+knaf/+Tz6M/2/ZYE=

GET
H/1.1 200
OK Protecting-the-Black-Community_2021-03-03-185451-3bff20afe8.jpg
ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1531516/ 30 KB
31 KB 607ms
209ms Image
image/jpeg 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1531516/Protecting-the-Black-Community_2021-03-03-185451-3bff20afe8.jpg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e663a979e820ebca8ab1a87e304758f30c09a1053c69a011e17df1986f1b2118

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:55 GMT
Last-Modified: Thu, 18 Mar 2021 05:00:28 GMT
Server: AmazonS3
x-amz-request-id: 8ACHW8MJ8KZ0PBEZ
ETag: "2e29aecea5f1232792e2dd8c319649ab"
Content-Type: image/jpeg
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 31206
x-amz-id-2: JRK6VyhVZQqP/kt5LKoqlP7QkzfS3nPfAlaTkXXDGL9M3Kar8liUpk8epjzufGVv4FMLJfpNtHU=

GET
H/1.1 200
OK PPE-Innovation_Text_THUMB-720x405-c696de81-a944-46d0-81eb-3ccbcc76be5f-3bff20afe8.png
ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1045131/ 578 KB
578 KB 251ms
151ms Image
image/png 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1045131/PPE-Innovation_Text_THUMB-720x405-c696de81-a944-46d0-81eb-3ccbcc76be5f-3bff20afe8.png
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 617d817a8511d9ee709ae283545dec490f32bbb5e4864935f9938cac01b43a8e

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:55 GMT
Last-Modified: Sun, 28 Mar 2021 17:55:52 GMT
Server: AmazonS3
x-amz-request-id: 8ACSEKQ9R7X5X8X1
ETag: "f2a0eedb1b39ff3a7f8a39ef43e9978f"
Content-Type: image/png
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 591752
x-amz-id-2: xu7CJ94i+BcJR34MlIHO95/ARBfHwc1q0rhCHm4Pec9rPqLhrLnonsfFUtdHm/QEtuJ2+yTojyc=

GET
H/1.1 200
OK ImpactOfSocialDistancing_Thumb_Title-3bff20afe8.png
ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1000913/ 121 KB
121 KB 679ms
157ms Image
image/png 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/pagebuilder/1000913/ImpactOfSocialDistancing_Thumb_Title-3bff20afe8.png
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6bca62b2308a583c996aa280ffd6f812bacc0e363a4d10fd3627632f39d7be78

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:55 GMT
Last-Modified: Thu, 25 Mar 2021 05:02:17 GMT
Server: AmazonS3
x-amz-request-id: 8ACKK27EBRKSZH8A
ETag: "36660e390c99ae8dd9416799e2070435"
Content-Type: image/png
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 123727
x-amz-id-2: /S00PoCL/YzfiQItQYplVY3CnYQ6Gqz22gnPRRu9MumKMZd1rD9mfGApHGs4//RtBDnB9f8jceU=

GET
H/1.1 200
OK Social-Distancing-Animation_THUMB-3bff20afe8.png
ochsner-craft.s3.amazonaws.com/imager/pagebuilder/994409/ 483 KB
483 KB 585ms
199ms Image
image/png 52.216.134.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ochsner-craft.s3.amazonaws.com/imager/pagebuilder/994409/Social-Distancing-Animation_THUMB-3bff20afe8.png
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7cc1652d81f9dfbd8864d2d2942a963a2034a1d9f293138d4915536cf212f558

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:55 GMT
Last-Modified: Thu, 25 Mar 2021 05:02:20 GMT
Server: AmazonS3
x-amz-request-id: 8ACWTETZ57MPE2XS
ETag: "789a2b81a067cd1d9be408a1800f6282"
Content-Type: image/png
Cache-Control: max-age=1209600, must-revalidate
Accept-Ranges: bytes
Content-Length: 494337
x-amz-id-2: iMYLoNiknRrZiuU66IlVNkHg+4cd4+pwc5hCKJixvTNhZ3CJd41JqtdhFAxIv0CwH6/zQHxowRU=

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:300,300i,400,400i,500,500i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ochsner.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:36:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 393997
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Sun, 27 Mar 2022 06:36:16 GMT

GET
H2 200 rules-p-4cZEFdtCjxAWP.js Show response
rules.quantcount.com/ 10 KB
3 KB 47ms
22ms Script
application/x-javascript 2600:9000:2182:a800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://rules.quantcount.com/rules-p-4cZEFdtCjxAWP.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abc8a8a2ced15f7a398c1979df35cc2d1a61c5695e8b622739d69f7a847eeeb6

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
etag: W/"7a0930472f965a7e3fdace619a25ff63"
last-modified: Mon, 03 Aug 2020 19:24:13 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-id: rvJGGyDwbYcLBizWwh4ZbLZFsT4XjFzqGAILPzky2AgvW-jPdiCExQ==

GET
H2 200 1575.json Show response
script.crazyegg.com/pages/data-scripts/0049/ 22 KB
3 KB 38ms
23ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0049/1575.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0049/1575.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19ab1248e8f66635f16b22a50d938de9da52223a7d42a83344d364cc664494fa

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 14353
ce-version: 11.1.266
content-length: 2459
cf-request-id: 092b7acdbe00004ee5be2ef000000001
timing-allow-origin: *
last-modified: Wed, 31 Mar 2021 16:03:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 638c2d8f9c634ee5-FRA

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 50ms
49ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/t503im7zs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
age: 1723043
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 4205981
content-length: 84451
x-served-by: cache-hhn4082-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1617220974.023947,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 17ms
17ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=458404047&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&ul=en-us&de=UTF-8&dt=Coronavirus%20%7C%20Ochsner%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1117786504&gjid=1448904222&cid=956356855.1617220974&tid=UA-1965275-1&_gid=1171194934.1617220974&_r=1&gtm=2ou3o0&z=1215583275

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ochsner.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 94F5 50 KB
25 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&co=aHR0cHM6Ly93d3cub2Noc25lci5vcmc6NDQz&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=8goxipmyg6q6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 13:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 25244
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Thu, 31 Mar 2022 13:02:10 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 94F5 332 KB
130 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 09:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36328
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132755
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Mar 2022 09:57:26 GMT

GET
H2 200 engage Show response
ochsner.us-1.evergage.com/api2/event/ 105 B
691 B 433ms
155ms XHR
application/json 3.224.161.34
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://ochsner.us-1.evergage.com/api2/event/engage?event=eyJhY3Rpb24iOiJDb3JvbmF2aXJ1cyIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6ImNvcm9uYXZpcnVzIiwiY29udGVudFpvbmVzIjpbXSwidXJsIjoiaHR0cHM6Ly93d3cub2Noc25lci5vcmcvY29yb25hdmlydXMiLCJ1cmxSZWZlcnJlciI6IiIsImNoYW5uZWwiOiJXZWIiLCJjb25maWdWZXJzaW9uIjoiMTg5IiwiYmVhY29uVmVyc2lvbiI6MTZ9LCJmbGFncyI6eyJwYWdlVmlldyI6dHJ1ZX0sInVzZXIiOnsiYXR0cmlidXRlcyI6e30sImFub25JZCI6ImRiNGRkNDgyNjA1NmExMDIifSwicGVyZm9ybWFuY2UiOnt9LCJkZWJ1ZyI6eyJleHBsYW5hdGlvbnMiOnRydWV9LCJjYXRhbG9nIjp7fSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiNTI0OTk5NzY2NDgwMDYyMSJ9

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/ochsner/engage/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.161.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-161-34.compute-1.amazonaws.com

Software

Apache-Coyote/1.1 /

Resource Hash

5d6e3816923d0b71acd055fc74084bad8536ee017ee61b0f7755ff7aaaa07c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache-Coyote/1.1
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ochsner.org
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 11.1.266.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 61 KB
20 KB 14ms
11ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.266.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0049/1575.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7076caaedeb016a3e14784f56a7621f3de3ed4bf09587159a44c37e8335f25d

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 200586
cf-ray: 638c2d8fd8f64e38-FRA
content-length: 20535
cf-request-id: 092b7acdeb00004e3842372000000001
last-modified: Wed, 17 Mar 2021 17:23:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-1965275-1&cid=956356855.1617220974&jid=1117786504&gjid=1448904222&_gid=1171194934.1617220974&_u=aEDAAUABAAAAAC~&z=1703724514

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Mar 2021 20:02:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.ochsner.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/764376140/ 2 KB
2 KB 150ms
85ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/764376140/?random=1617220974076&cv=9&fst=1617220974076&num=1&value=0&label=_FKVCIznn-4BEMzovewC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&tiba=Coronavirus%20%7C%20Ochsner%20Health&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b500f5cde6248a56de432973ff8f8932cc28df627f0fc478e346b4388e90a297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1199
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 X8unmHfEQ3F5n2RsHjGpzlShR0zqBlJO5Q_PtwQUnPI.js Show response
www.google.com/js/bg/ Frame 94F5 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/js/bg/X8unmHfEQ3F5n2RsHjGpzlShR0zqBlJO5Q_PtwQUnPI.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fcba79877c44371799f646c1e31a9ce54a1474cea06524ee50fcfb704149cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&co=aHR0cHM6Ly93d3cub2Noc25lci5vcmc6NDQz&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=8goxipmyg6q6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 13:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 456356
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5716
x-xss-protection: 0
expires: Sat, 26 Mar 2022 13:16:58 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
238 B 33ms
33ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-1965275-1&cid=956356855.1617220974&jid=1117786504&_u=aEDAAUABAAAAAC~&z=1899862405

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-1965275-1&cid=956356855.1617220974&jid=1117786504&_u=aEDAAUABAAAAAC~&z=1899862405

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 94F5 102 B
180 B 16ms
15ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=5mNs27FP3uLBP3KBPib88r1g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&co=aHR0cHM6Ly93d3cub2Noc25lci5vcmc6NDQz&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=8goxipmyg6q6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 31 Mar 2021 20:02:54 GMT

GET
H2 200 1575.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0049/ 558 B
378 B 14ms
14ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0049/1575.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.266.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45012e95f3a909735b4131739278f792d66fabb8e0db752a5db4dd379584a34e

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 14348
ce-version: 11.1.266
content-length: 261
cf-request-id: 092b7ace4100004ee5caae1000000001
timing-allow-origin: *
last-modified: Wed, 31 Mar 2021 16:03:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 638c2d906f544ee5-FRA

GET
H2 200 379049612940315 Show response
connect.facebook.net/signals/config/ 243 KB
70 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/379049612940315?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

973ff4f60f5dfbee91e6725079e9a9fa00782b5b0268d9ea8cd914f4e874eb69

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: n5Y1CPf5t7dcU/NNwppl5d/n9krh9cVrwdAixI8s2Jesaxi6goNfE6MzxQZIKWh5gSv1gXMmZqBtD0Q6Qx70QA==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 31 Mar 2021 20:02:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel;r=377427441;event=refresh;labels=_fp.channel.All%20Site%20Visits;source=gtm;rf=0;a=p-4cZEFdtCjxAWP;url=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-14193689...
pixel.quantserve.com/ 35 B
371 B 9ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=377427441;event=refresh;labels=_fp.channel.All%20Site%20Visits;source=gtm;rf=0;a=p-4cZEFdtCjxAWP;url=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1419368998-1617220974260;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=ochsner.org;je=0;sr=1600x1200x24;dst=1;et=1617220974260;tzo=-120;ogl=site_name.Ochsner%20Health%2Curl.https%3A%2F%2Fwww%252Eochsner%252Eorg%2Fcoronavirus%2Ctitle.Ochsner%20Health%2Cdescription.Ochsner%20Health%20is%20southeast%20Louisiana%E2%80%99s%20largest%20non-profit%252C%20academic%252C%20multi-spec%2Clocale.en-US

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 928d82c1-5d05-469e-b613-0fb5712b43ab Show response
consumer.krxd.net/consent/get/ 239 B
430 B 256ms
93ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Download Go to

Full URL: https://consumer.krxd.net/consent/get/928d82c1-5d05-469e-b613-0fb5712b43ab?idt=device&dt=kxcookie&callback=Krux.ns.ochsneramer.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 483877393767232a37b9f0d6a7e3dff912666c83bf74715b67b4b82fc6d60d97

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a002-dub-prod.krxd.net, cache-hhn4036-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1617220974.475737,VS0,VE28
content-length: 191
x-cache-hits: 0, 0

GET
H2 200 928d82c1-5d05-469e-b613-0fb5712b43ab Show response
consumer.krxd.net/consent/set/ 304 B
360 B 240ms
94ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Download Go to

Full URL: https://consumer.krxd.net/consent/set/928d82c1-5d05-469e-b613-0fb5712b43ab?idt=device&dt=kxcookie&dc=1&al=1&tg=1&cd=1&sh=1&re=1&callback=Krux.ns.ochsneramer.kxjsonp_consent_set_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9239b60589b0bd9f6810f797b152c7d59e8f0e5a0692c2cfef089126a4646185

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
via: 1.1 varnish
x-timer: S1617220974.475740,VS0,VE27
x-served-by: consumer-a009-dub-prod.krxd.net, cache-hhn4036-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=10
x-age: 0
accept-ranges: bytes
content-encoding: gzip
content-length: 246
x-cache-hits: 0, 0

GET
H3-Q050 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8EC0 7 KB
1 KB 18ms
17ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&cb=qejcqjw8fn08

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd602dc95f98bb7bd1ef26c07a8bea6bcb1773da8ac3155ddad9f18b93eafe08

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MLcE/8arVliO+j0MjZDLcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&cb=qejcqjw8fn08
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ochsner.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ochsner.org/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 31 Mar 2021 20:02:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-MLcE/8arVliO+j0MjZDLcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/764376140/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/764376140/?random=510727618&cv=9&fst=1617220974076&num=1&value=0&label=_FKVCIznn-4BEMzovewC&guid=ON&resp=GooglemKTybQhCsO&eid=250505...
https://www.google.com/pagead/1p-conversion/764376140/?random=510727618&cv=9&fst=1617220974076&num=1&value=0&label=_FKVCIznn-4BEMzovewC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=160...
https://www.google.de/pagead/1p-conversion/764376140/?random=510727618&cv=9&fst=1617220974076&num=1&value=0&label=_FKVCIznn-4BEMzovewC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600...

42 B
530 B

61ms
38ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/764376140/?random=510727618&cv=9&fst=1617220974076&num=1&value=0&label=_FKVCIznn-4BEMzovewC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&tiba=Coronavirus%20%7C%20Ochsner%20Health&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=btVkYMuUDNSG-gbx2pqQCw&eitems=ChEI8LuQgwYQ0tbLjZKet9iZARIdAKPY4fSrL6G8TkoJay9mcqbynnAfViV92xDabD4&random=2003333984&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:54 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/764376140/?random=510727618&cv=9&fst=1617220974076&num=1&value=0&label=_FKVCIznn-4BEMzovewC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&tiba=Coronavirus%20%7C%20Ochsner%20Health&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=btVkYMuUDNSG-gbx2pqQCw&eitems=ChEI8LuQgwYQ0tbLjZKet9iZARIdAKPY4fSrL6G8TkoJay9mcqbynnAfViV92xDabD4&random=2003333984&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 280755669064011 Show response
connect.facebook.net/signals/config/ 243 KB
70 KB 56ms
55ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/280755669064011?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5d44db23ba44198fda4e1c3da776e299d09d17f4e6075afde9aaef6901d2ba5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: a803q9iUfNGaMdUMe2Ts5LfYqrVdXTTy+ri5dwQgdaMMmYIcKTA+QF2JxdCSoEoZ9A76AqEUPdG1xLENgphfRw==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 31 Mar 2021 20:02:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 14ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=379049612940315&ev=PageView&dl=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&rl=&if=false&ts=1617220974326&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1617220974324.1044098797&it=1617220974149&coo=false&rqm=GET

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 31 Mar 2021 20:02:54 GMT

GET
DATA 200
OK truncated
/ 623 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37c1c1b35d0a84ca694ed25a41e122ac41e326bfeeee98235321c140bfaa9de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 8EC0 50 KB
25 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&cb=qejcqjw8fn08

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 13:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 25244
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Thu, 31 Mar 2022 13:02:10 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 8EC0 332 KB
130 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LfumocUAAAAANdyKslj6oPDZTCivY1VYqDrc06j&cb=qejcqjw8fn08

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 09:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36328
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132755
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Mar 2022 09:57:26 GMT

OPTIONS
H2 204 clientoptions
guide.loyalhealth.com/api/962B3D6D-AC20-4C41-B92C-BC7D83D546EC/0/ Frame 0
0 499ms
161ms Preflight 40.74.227.172
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://guide.loyalhealth.com/api/962B3D6D-AC20-4C41-B92C-BC7D83D546EC/0/clientoptions

Protocol

Server

40.74.227.172 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.ochsner.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 31 Mar 2021 20:02:55 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.ochsner.org
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache, no-store

POST
H2 200 clientoptions Show response
guide.loyalhealth.com/api/962B3D6D-AC20-4C41-B92C-BC7D83D546EC/0/ 1 KB
966 B 168ms
167ms XHR
application/json 40.74.227.172
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://guide.loyalhealth.com/api/962B3D6D-AC20-4C41-B92C-BC7D83D546EC/0/clientoptions

Requested by

Host: guide.loyalhealth.com
URL: https://guide.loyalhealth.com/client/client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.74.227.172 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

69b47b796c9f07fced6a43a075deb29ad7c097f66587fdca7cebe6c9b183ef4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Mar 2021 20:02:55 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ochsner.org
cache-control: no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 14ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=280755669064011&ev=PageView&dl=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&rl=&if=false&ts=1617220974610&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1617220974608.2135447760&it=1617220974149&coo=false&rqm=GET

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 31 Mar 2021 20:02:54 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
57 B 26ms
26ms Other
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarylufsr4Yn7ypqyAiG

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 31 Mar 2021 20:02:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.ochsner.org
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 wheel_right_wh.svg
cdn.userway.org/widgetapp/images/ 938 B
894 B 30ms
29ms Image
image/svg+xml 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/wheel_right_wh.svg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e5fc452742c08d505d21569e391d74dde03f076aa236d7d0b1b5b5d0b68b7549

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 31 Mar 2021 20:02:54 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
x-77-nzt-ray: mp+w67l75VQ=
age: 15
x-77-cache: HIT
x-cache: HIT
x-age: 1050815
content-encoding: br
x-77-nzt: AcO1rzKNUwrvvwgQAA==
last-modified: Mon, 18 Jan 2021 11:14:30 GMT
server: CDN77-Turbo
etag: W/"4471efd520fd01abf13415c6253d668e"
content-type: image/svg+xml
cache-control: max-age=2592000, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: LkGKwMdAfjqxCFIiJDI7b_fM1jq_bNXxc05h8XksVOazUitpsfqEBQ==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
942 B 30ms
29ms Image
image/svg+xml 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 31 Mar 2021 20:02:54 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-77-nzt-ray: K43DsLgh5v4=
age: 20
x-77-cache: HIT
x-cache: HIT
x-age: 1050818
content-encoding: br
x-77-nzt: AcO1rzJ2QovvwggQAA==
last-modified: Mon, 18 Jan 2021 11:14:30 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: td5NZCUrUEE5z29qs1kyIA8YY1cJoGdKDOSZKpM7-2jJyGBLkRLjcg==

POST
H2 200 /
www.facebook.com/tr/ 0
54 B 29ms
29ms Other
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryXRQEylQcnEo91HaA

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 31 Mar 2021 20:02:55 GMT
content-type: text/plain
access-control-allow-origin: https://www.ochsner.org
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-179063748-1

Requested by

Host: guide.loyalhealth.com
URL: https://guide.loyalhealth.com/client/client.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9734c345826e8bb508e4c7e82c2bd433ef9cfa1780771c10b4f3f4ee86715e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39090
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 18:30:14 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Mar 2021 20:02:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-179063748-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1965275-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b98784e702d833a5053a56f20a85aeb4a04375020e8aeab1bb8036bc6023583b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39182
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 18:30:14 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Mar 2021 20:02:55 GMT

GET
H2 200 1.client.bundle.js Show response
guide.loyalhealth.com/client/ 107 KB
33 KB 173ms
171ms Script
application/javascript 40.74.227.172
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://guide.loyalhealth.com/client/1.client.bundle.js

Requested by

Host: guide.loyalhealth.com
URL: https://guide.loyalhealth.com/client/client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.74.227.172 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

5b696f67ea958162ccf454806576d8e1e2ca6005973c60e60dfeeb1164471bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:55 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 14:14:01 GMT
server: nginx
etag: W/"605c9aa9-1ad22"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 2.client.bundle.js Show response
guide.loyalhealth.com/client/ 439 KB
92 KB 181ms
179ms Script
application/javascript 40.74.227.172
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://guide.loyalhealth.com/client/2.client.bundle.js

Requested by

Host: guide.loyalhealth.com
URL: https://guide.loyalhealth.com/client/client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.74.227.172 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2b90258760ec34794ae5365adc1b878b4bc06796d2f0b9073f5c3ebe72a46ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:55 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 14:14:03 GMT
server: nginx
etag: W/"605c9aab-6dafe"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 7.client.bundle.js Show response
guide.loyalhealth.com/client/ 114 KB
26 KB 329ms
327ms Script
application/javascript 40.74.227.172
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://guide.loyalhealth.com/client/7.client.bundle.js

Requested by

Host: guide.loyalhealth.com
URL: https://guide.loyalhealth.com/client/client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.74.227.172 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

a69e175b7c1fe7f53e15dbd0e62e81c17b6aec9f7ee10868f8a024223dee73c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:55 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 14:14:04 GMT
server: nginx
etag: W/"605c9aac-1c86b"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
86 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=458404047&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&ul=en-us&de=UTF-8&dt=Coronavirus%20%7C%20Ochsner%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GjAAUABAAAAAC~&jid=1721046310&gjid=1892343406&cid=956356855.1617220974&tid=UA-179063748-1&_gid=759055427.1617220975&_r=1&gtm=2ou3o0&z=1952128896

Requested by

Host: guide.loyalhealth.com
URL: https://guide.loyalhealth.com/client/client.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ochsner.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ochsnerlogo.png
guidecdn.loyalhealth.com/images/ 1 KB
2 KB 157ms
9ms Image
image/png 2620:1ec:bdf::19
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://guidecdn.loyalhealth.com/images/ochsnerlogo.png
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1eb4615e1a09d8cd651c2d5b7d6bb95fad4961d588046c6b112a99c879d4d18b

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Mar 2021 20:02:55 GMT
x-azure-ref-originshield: 0JHVkYAAAAAD4EhdqhbNBSIHm88NlVIHaTE9OMjFFREdFMDExMAA1OTJiNGM4MC05ZDhjLTQ0NmMtYTg3OC00NjQxMmE1N2Q1Mzc=
x-cache: TCP_HIT
content-length: 1292
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 11 Nov 2020 15:11:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D8865401AAEA9E"
x-azure-ref: 0b9VkYAAAAAArFLC1nbyES5InGZ8WMJO1RlJBRURHRTEwMTIANTkyYjRjODAtOWQ4Yy00NDZjLWE4NzgtNDY0MTJhNTdkNTM3
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: e779359b-c01e-006e-6e3b-2444c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 206 message1.mp3
guidecdn.loyalhealth.com/sfx/ 19 KB
19 KB 132ms
9ms Media
audio/mp3 2620:1ec:bdf::19
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://guidecdn.loyalhealth.com/sfx/message1.mp3
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1043ae2b704cab2051deff66d04aacbaeb677ce01194508573440b23841a89db

Request headers

Referer: https://www.ochsner.org/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Mar 2021 20:02:55 GMT
x-azure-ref-originshield: 08odkYAAAAADq4hB3Qh2YQ4JUdUFzm4VGTE9OMjFFREdFMDExMQA1OTJiNGM4MC05ZDhjLTQ0NmMtYTg3OC00NjQxMmE1N2Q1Mzc=
x-cache: TCP_HIT
Content-Range: bytes 0-18966/18967
Content-Length: 18967
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 22 Jun 2017 17:27:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D4B993F16ACF58"
x-azure-ref: 0b9VkYAAAAADaHpcYyKHbQZ4jvRbruVnXRlJBRURHRTEwMTIANTkyYjRjODAtOWQ4Yy00NDZjLWE4NzgtNDY0MTJhNTdkNTM3
content-type: audio/mp3
access-control-allow-origin: *
x-ms-request-id: f0518fc1-801e-008c-6150-24a0b5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 7427 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/7/ 122 B
475 B 3085ms
347ms XHR
application/octet-stream 104.111.247.190
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/7/7427
Requested by: Host: guide.loyalhealth.com
URL: https://guide.loyalhealth.com/client/client.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 38b497b910a2245a74451044e066c971ed6ea5b4010a42af0ead8770f33e618a

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7km3VPt8qTEjQPpKKYc8qNeThmy6MQFL
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 20:37:19 GMT
server: ATS/7.1.0
x-amz-request-id: 06005EFKNHXGCH8Z
etag: "6cca99c84759289ef8e4ae63e8b2e2b9"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=544
date: Wed, 31 Mar 2021 20:02:59 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 120
x-amz-id-2: ah8USxGw7R5c/LSkeR03J67AaALFFkcDzwzqmAFv8C98sApq6rwdKVnv3/6OSA2/Io649chR41g=

GET
H2 200 / Show response
zn2gabpsdv2al2gdj-ochsner.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 60 KB
18 KB 181ms
91ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://zn2gabpsdv2al2gdj-ochsner.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2gABpSDV2Al2gDj&Q_LOC=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus&t=1617220976106

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9f23f68e1101d9a5f8b70179ca47adc5aaeb28a6410d156fa5c3562f32e0e8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 181388
cf-polished: origSize=62663
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 092b7ad65400001d1ed683e000000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"f4c7-/eZ/O7DVEeAxAv3kbVlNThuak3Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 638c2d9d59eb1d1e-CPH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 optout_check Show response
beacon.krxd.net/ 65 B
224 B 188ms
58ms Script
text/javascript 52.48.82.49
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.ochsneramer.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.82.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-82-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d987975e1567ab66943bc11a557e669a9cbf0b8311b3c3a8c94630311e918b6f

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:56 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=32 t=1617220976
x-served-by: beacon-n020-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 319 B
474 B 149ms
148ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=928d82c1-5d05-469e-b613-0fb5712b43ab&technographics=1&callback=Krux.ns.ochsneramer.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7464f8dba81690d7b2aed4c53345ee26fe520927d2e069455f52726f26ee165b

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Wed, 31 Mar 2021 20:02:56 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a015-ash-prod.krxd.net, cache-hhn4082-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=3600
x-age: 0
accept-ranges: bytes
x-timer: S1617220976.156907,VS0,VE103
content-length: 246
x-cache-hits: 0, 0

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 55ms
54ms Image
text/plain 52.48.82.49
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=t503im7zs&_kpid=928d82c1-5d05-469e-b613-0fb5712b43ab&_kcp_s=Ochsner.org&_kcp_d=ochsner.org&_knifr=4&_kua_kx_tz=-120&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_whistle=0&_kpa_ochsner_org_url_path_1=coronavirus&_kpa_domain=ochsner.org&t_navigation_type=0&t_dns=132&t_tcp=244&t_http_request=-1&t_http_response=210&t_content_ready=1963&t_window_load=4253&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=false&sview=1&kplt0=41944&kplt1=40804&kplt2=41365&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F928d82c1-5d05-469e-b613-0fb5712b43ab%2C379%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2F928d82c1-5d05-469e-b613-0fb5712b43ab%2C362%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C190%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C153
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.82.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-82-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1617220976
x-served-by: beacon-n013-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 optout_check Show response
beacon.krxd.net/ 84 B
243 B 55ms
54ms Script
text/javascript 52.48.82.49
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.ochsneramer.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.82.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-82-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f2cca7a26bb64defede95b5855a9c398ee2faaa98b2c50efc617a6f80732c13c

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:57 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=44 t=1617220977
x-served-by: beacon-n004-dub-prod.krxd.net
content-type: text/javascript

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 4 KB
2 KB 257ms
51ms Script
text/html 80.252.91.52
EQUINIX-CONNECT

General

Check archive.org

Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=7427&dispType=js&sync=0&sessionid=8160643739426393788&pageurl=$$https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus$$&activityValues=$$Session%3D8976428947858151145$$&ns=0&rnd=9216266895428196
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 80.252.91.52 Amsterdam, Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 006d82c6ef54dac58d61e97ca90af22c77dc0fc159a701ce00d211a292e0aad3

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:02:59 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 1129
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame A57B
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

102ms
46ms

Script
application/x-javascript

37.157.2.249
ADFORM

General

Check archive.org

Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bf0f3b28dae6ed0a62be43850fcc6b97bf90b6dcd7a4cda6e201b17adb517412

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:59 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 14:31:38 GMT
server: nginx
etag: W/"605b4d4a-13e1b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Wed, 31 Mar 2021 20:02:59 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame A540
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

116ms
61ms

Script
application/x-javascript

37.157.2.249
ADFORM

General

Check archive.org

Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bf0f3b28dae6ed0a62be43850fcc6b97bf90b6dcd7a4cda6e201b17adb517412

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:02:59 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 14:31:38 GMT
server: nginx
etag: W/"605b4d4a-13e1b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Wed, 31 Mar 2021 20:02:59 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 19CE
Redirect Chain

https://secure.adnxs.com/px?id=1421453&seg=24917055&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1421453%26seg%3D24917055%26t%3D2

43 B
1 KB

53ms
53ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1421453%26seg%3D24917055%26t%3D2

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:02:59 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.132:80
AN-X-Request-Uuid: 6143cbde-b9fb-4672-b830-faeb694988e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:02:59 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.145:80
AN-X-Request-Uuid: aa3f0aab-202b-4ae9-b33b-21b1205da29a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1421453%26seg%3D24917055%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 33EC 70 B
261 B 188ms
64ms Image
image/gif 54.77.254.70
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=xczmexd&ct=0:u6r84y9&fmt=3
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.254.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-254-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame E86A 70 B
260 B 188ms
65ms Image
image/gif 54.77.254.70
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=xczmexd&ct=0:7n4oqcp&fmt=3
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.254.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-254-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

pixel
pixel.mediaiqdigital.com/ Frame 4265
Redirect Chain

https://secure.adnxs.com/px?id=1280628&seg=22479586&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu3%3D%26u4%3D%26pixel_id%3D1280628%26uid%3D%24%7BUID%7D&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1280628%26seg%3D22479586%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu3%253D%2526u4%253D%2526pixel_id%253D1280628%2526uid%253D%...
https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1280628&uid=1160829444962758288

2 B
501 B

205ms
51ms

Image
application/json

18.185.81.62
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1280628&uid=1160829444962758288

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.81.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-81-62.eu-central-1.compute.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:02:59 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Origin,x-requested-with,origin,Content-Type,accept,X-PINGARUNER
Content-Length: 2

Redirect headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:02:59 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid: eb8c4b36-0894-4f3a-ba80-c85fa662bdcc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1280628&uid=1160829444962758288
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/ Frame A57B
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2031136&ADFPageName=RT&ADFdivider=%7C&ord=540354295668&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2031136&ADFPageName=RT&ADFdivider=%7C&ord=540354295668&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus

906 B
1 KB

122ms
122ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2031136&ADFPageName=RT&ADFdivider=%7C&ord=540354295668&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3adcb45a4db2393eef77cd8922c68e80d271e64583504215a5c3ef10356edc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 718
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2031136&ADFPageName=RT&ADFdivider=%7C&ord=540354295668&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 status Show response
api.userway.org/api/seo-widget/v0/page/https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus/DESKTOP/WIDGET_OFF/ 77 B
295 B 199ms
199ms Fetch
application/json 52.25.5.245
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://api.userway.org/api/seo-widget/v0/page/https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus/DESKTOP/WIDGET_OFF/status
Requested by: Host: guide.loyalhealth.com
URL: https://guide.loyalhealth.com/client/client.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.5.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-5-245.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 77
x-service-version: 17022dfb65ced8805f8b9e1779d575906dac856d

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/ Frame A540
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2031136&ADFPageName=NOLA%20Brand_Page%20Engagement&ADFdivider=%7C&ord=244261939297&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2031136&ADFPageName=NOLA%20Brand_Page%20Engagement&ADFdivider=%7C&ord=244261939297&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%...

953 B
1 KB

122ms
122ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2031136&ADFPageName=NOLA%20Brand_Page%20Engagement&ADFdivider=%7C&ord=244261939297&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus

Requested by

Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c040030fdbaa2595311c47e670a5a229cc442af9efb68ceb2a59528a844e2a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ochsner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 744
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2031136&ADFPageName=NOLA%20Brand_Page%20Engagement&ADFdivider=%7C&ord=244261939297&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 4682 950 B
877 B 114ms
113ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=2031136&lid=70034744&ctype=0&media=0&PageName=RT&rnd=1790574974&cpref=&loc=https%3a%2f%2fwww.ochsner.org%2fcoronavirus

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

99b01e64781d4b72d0e65e956e70939af38e4ac33cb1d03b4cd9827247c58ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: a2.adform.net
:scheme: https
:path: /serving/container/?pm=2031136&lid=70034744&ctype=0&media=0&PageName=RT&rnd=1790574974&cpref=&loc=https%3a%2f%2fwww.ochsner.org%2fcoronavirus
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ochsner.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=6578811291406717429; CM=1|0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ochsner.org/

Response headers

server: nginx
date: Wed, 31 Mar 2021 20:03:00 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame E70C 5 KB
2 KB 63ms
19ms Document
text/html 37.157.3.30
ADFORM

General

Check archive.org

Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2031136&ADFPageName=RT&ADFdivider=%7C&ord=540354295668&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

946b84284b5ad84905dcca8349c9dbfeca592d86bf712a69f71c031252c91d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ochsner.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=6578811291406717429; CM=1|0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ochsner.org/

Response headers

server: nginx
date: Wed, 31 Mar 2021 20:03:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: CM14=1617307380_1617220980_1_Hu7u7u4e4e7u7u4REREeERERERHhEQ; expires=Wed, 14 Apr 2021 20:03:00 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame B248 974 B
895 B 114ms
114ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=2031136&lid=70035165&ctype=0&media=0&PageName=NOLA+Brand_Page+Engagement&rnd=1686557761&cpref=&loc=https%3a%2f%2fwww.ochsner.org%2fcoronavirus

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0e610f47773cd40f075891a966f3ccc255004956d6459e53d9cf0b2c8d05a6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: a2.adform.net
:scheme: https
:path: /serving/container/?pm=2031136&lid=70035165&ctype=0&media=0&PageName=NOLA+Brand_Page+Engagement&rnd=1686557761&cpref=&loc=https%3a%2f%2fwww.ochsner.org%2fcoronavirus
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ochsner.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; CM=1|0; uid=5328706582315970934
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ochsner.org/

Response headers

server: nginx
date: Wed, 31 Mar 2021 20:03:00 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame B3E9 5 KB
2 KB 42ms
19ms Document
text/html 37.157.3.30
ADFORM

General

Check archive.org

Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2031136&ADFPageName=NOLA%20Brand_Page%20Engagement&ADFdivider=%7C&ord=244261939297&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.ochsner.org%2Fcoronavirus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2cc67c14586d5baca79d95ba3dd3fc00b2a9b4287401ec684e5ed66e60eebde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ochsner.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; CM=1|0; uid=5328706582315970934
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ochsner.org/

Response headers

server: nginx
date: Wed, 31 Mar 2021 20:03:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: CM14=1617307380_1617220980_1_Hu7u7u4e4e7u7u4REREeERERERHhEQ; expires=Wed, 14 Apr 2021 20:03:00 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 plf
c1.adform.net/imatch/ Frame E70C 0
261 B 20ms
19ms Image
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E70C
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6578811291406717429&Expiration=1618430580
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6578811291406717429&Expiration=1618430580

43 B
422 B

60ms
60ms

Image
image/gif

35.157.249.55
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6578811291406717429&Expiration=1618430580
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.249.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 31 Mar 2021 20:03:00 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6578811291406717429&Expiration=1618430580
date: Wed, 31 Mar 2021 20:03:00 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E70C 0
360 B 160ms
72ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=6578811291406717429

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:00 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 30 Mar 2021 20:03:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame E70C 0
214 B 219ms
68ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E70C
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6578811291406717429&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6578811291406717429&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=49029f4fd8364eddb...
https://c1.adform.net/serving/cookie/match?party=9&uid=07f89a892f4cb391566c12bff09ee0e5743c9b3975b3c7160f9cc52cc4d44426

35 B
468 B

48ms
47ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=07f89a892f4cb391566c12bff09ee0e5743c9b3975b3c7160f9cc52cc4d44426

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=07f89a892f4cb391566c12bff09ee0e5743c9b3975b3c7160f9cc52cc4d44426
date: Wed, 31 Mar 2021 20:03:00 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E70C
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6578811291406717429&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=7908988310733984587

35 B
468 B

47ms
47ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=7908988310733984587

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=7908988310733984587
pragma: no-cache
date: Wed, 31 Mar 2021 20:02:59 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55944/ Frame E70C
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=6578811291406717429&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=6578811291406717429&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6578811291406717429&_origin=1&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6578811291406717429&_origin=1&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42&verify=true

0
964 B

125ms
67ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=6578811291406717429&_origin=1&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=6578811291406717429&_origin=1&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame E70C 43 B
713 B 278ms
130ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1617220980437062-26
Expires: Wed, 31 Mar 2021 20:03:00 GMT

GET sync
sy.eu.angsrvr.com/ Frame E70C 0
0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55859/ Frame E70C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=6578811291406717429
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6578811291406717429
https://pixel.advertising.com/ups/55859/sync?uid=3088094a-c2cf-4626-8862-ab1453a531f3&_origin=1&gdpr=&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55859/sync?uid=3088094a-c2cf-4626-8862-ab1453a531f3&_origin=1&gdpr=&gdpr_consent=&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42
https://ups.analytics.yahoo.com/ups/55859/sync?uid=3088094a-c2cf-4626-8862-ab1453a531f3&_origin=1&gdpr=&gdpr_consent=&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42&verify=true

0
964 B

70ms
62ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=3088094a-c2cf-4626-8862-ab1453a531f3&_origin=1&gdpr=&gdpr_consent=&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55859/sync?uid=3088094a-c2cf-4626-8862-ab1453a531f3&_origin=1&gdpr=&gdpr_consent=&apid=UP181c33db-925c-11eb-8a20-06e9cba9ab42&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E70C
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6578811291406717429&expiration=1618430580
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6578811291406717429&expiration=1618430580&C=1

43 B
1005 B

140ms
139ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6578811291406717429&expiration=1618430580&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 31 Mar 2021 20:03:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6578811291406717429&expiration=1618430580&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Wed, 31 Mar 2021 20:03:00 GMT

GET
H/1.1

200
OK

semasio
sync.sharethis.com/ Frame E70C
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6578811291406717429&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6578811291406717429&sInitiator=external
https://sync.sharethis.com/semasio?uid=A6334ED2AB8D3001&gdpr=&gdpr_consent=&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D
https://l.sharethis.mgr.consensu.org/rd?rurl=https%3A%2F%2Fsync.sharethis.com%2Fsemasio%3Fgdpr%3D%26gdpr_consent%3D%26rd%3D0%26rurl%3Dhttps%253A%252F%252Fuipglob.semasio.net%252Fsharethis%252F1%252...
https://sync.sharethis.com/semasio?gdpr=&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=A6334ED2AB8D3001

42 B
167 B

39ms
39ms

Image
image/gif

52.58.221.124
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sync.sharethis.com/semasio?gdpr=&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=A6334ED2AB8D3001
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:03 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/semasio?gdpr=&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=A6334ED2AB8D3001
Date: Wed, 31 Mar 2021 20:03:03 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 238
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame E70C 0
344 B 257ms
76ms Image
text/plain 3.121.27.153
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=6578811291406717429&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame E70C 0
324 B 187ms
63ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame E70C
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=6578811291406717429
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNjU3ODgxMTI5MTQwNjcxNzQyORAAGg0I9KqTgwYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH6k0a_SWUQCKxVVvx1PTFs&google_cver=1

42 B
189 B

77ms
77ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH6k0a_SWUQCKxVVvx1PTFs&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Mar 2021 20:03:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH6k0a_SWUQCKxVVvx1PTFs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tpid=6578811291406717429
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame E70C
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6578811291406717429
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6578811291406717429

49 B
710 B

86ms
85ms

Image
image/gif

54.171.173.220
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.9.196
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6578811291406717429
cache-control: no-cache
x-server: 10.45.26.111
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame E70C 62 B
329 B 2215ms
189ms Image
image/gif 184.30.210.81
AKAMAI-ASN1

General

Check archive.org

Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.210.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-210-81.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:02 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 577f
Content-Type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E70C
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6578811291406717429
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6578811291406717429

43 B
106 B

96ms
96ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
via: 1.1 google
server: OXGW/16.205.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6578811291406717429
date: Wed, 31 Mar 2021 20:03:00 GMT
via: 1.1 google
server: OXGW/16.205.1
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame E70C
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

260ms
64ms

Image
image/gif

52.218.29.163
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:02 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: G9EEPTV2GY4JH9N9
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: +9h3Td9p68lIRZbvpsd1/gIMC4N0wNjCsCZaV6um1wUtH0gJjwIiLFrtUyBO9XIouz4uUgoX18U=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: akka-http/10.1.13
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame E70C 35 B
248 B 4676ms
135ms Image
image/gif 51.222.80.231
OVH

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=6578811291406717429&partner=68
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H/1.1 200
OK /
cm.adsafety.net/ Frame E70C 43 B
229 B 471ms
48ms Image
image/gif 88.80.189.68
LINODE-AP Linode

General

Check archive.org

Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.80.189.68 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li700-68.members.linode.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:01 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E70C 0
336 B 81ms
81ms Image
text/plain 52.48.82.49
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.82.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-82-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1617220980
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame E70C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjU3ODgxMTI5MTQwNjcxNzQyOQ
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NjU3ODgxMTI5MTQwNjcxNzQyOQ&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHt-GsiYdqtot_RcbbpKulk&google_cver=1&google_ula=1641347,0
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHt-GsiYdqtot_RcbbpKulk&google_cver=1&google_ula=1641347,0

35 B
468 B

25ms
25ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHt-GsiYdqtot_RcbbpKulk&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
location: https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHt-GsiYdqtot_RcbbpKulk&google_cver=1&google_ula=1641347,0
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame E70C 0
261 B 25ms
21ms Image
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame E70C
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=1483669026971755489&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=5328706582315970934

43 B
1012 B

56ms
55ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=5328706582315970934

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:00 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.68:80
AN-X-Request-Uuid: 2892388b-449c-4d13-8058-c3f36fc020bc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=5328706582315970934
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame E70C 42 B
801 B 414ms
81ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:01 GMT
X-lat: lhrpug016:0:551
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame E70C 43 B
444 B 459ms
61ms Image
image/gif 13.226.159.66
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-66.dus51.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 14:30:14 GMT
Via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.16.1
Age: 19967
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 43
X-Amz-Cf-Id: 799n37_5CvQ79WcAm8stoBkKhfKKM8tCnX2YrFGcWAbYY6zTZFyfWw==

GET
H/1.1

200

p
a.audrte.com/ Frame E70C
Redirect Chain

https://a.audrte.com/a?adform_uid=6578811291406717429
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&google_gid=CAESEE4DnhNnvWYriCA42RNdzyI&google_cver=1
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=g7fJPFhR8ElQLi2TGEe5GEsNQ&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206N...
https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
1 KB

122ms
122ms

Image
image/avif

52.4.128.233
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-128-233.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:05 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/avif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 31 Mar 2021 20:03:04 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E70C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6578811291406717429&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6578811291406717429&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=78524647244521337980564930904862019553&noredirect=1

35 B
477 B

40ms
40ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=78524647244521337980564930904862019553&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5fQSG492RDA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=78524647244521337980564930904862019553&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E70C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6578811291406717429
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010203742001362431

35 B
477 B

35ms
34ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010203742001362431

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010203742001362431
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E70C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6945911228109093004

35 B
468 B

36ms
36ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6945911228109093004

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6945911228109093004
Date: Wed, 31 Mar 2021 20:03:02 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame E70C 62 B
725 B 1849ms
185ms Image
image/gif 184.30.210.81
AKAMAI-ASN1

General

Check archive.org

Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.210.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-210-81.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:03 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 8bbf
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E70C
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=23aa6064-d575-4e00-bed1-d15116a946f6

35 B
468 B

31ms
31ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=23aa6064-d575-4e00-bed1-d15116a946f6

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Wed, 31 Mar 2021 20:03:01 GMT
Server: MT3 3628 75f709e master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=23aa6064-d575-4e00-bed1-d15116a946f6
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 31 Mar 2021 20:03:53 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E70C
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=uByTF2ov1LrH3n5

35 B
468 B

26ms
26ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=uByTF2ov1LrH3n5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:01 GMT
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-00a76065dd49f0bd3@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=uByTF2ov1LrH3n5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E70C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bc6ad02b-818d-4b78-9ebb-70e5d4cbb11c

35 B
468 B

23ms
22ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bc6ad02b-818d-4b78-9ebb-70e5d4cbb11c

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bc6ad02b-818d-4b78-9ebb-70e5d4cbb11c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame E70C 0
72 B 3468ms
144ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Englewood, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1

200

3.gif
id5-sync.com/c/10/112/0/ Frame E70C
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=6578811291406717429
https://id5-sync.com/c/10/10/2/1.gif?puid=6578811291406717429&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOT6QIoTAlgzdbTHgnoZ7YDm_5XI07Q-FJe7k3qg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOT6QIoTAlgzdbTHgnoZ7YDm_5XI07Q-FJe7k3qg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpu...
https://id5-sync.com/cq/10/124/1/2.gif?puid=7d4225f5-2ac5-4593-945c-d8444edfabbe&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F10%2F112%2F0%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/10/112/0/3.gif?puid=863354B62BE920E5&gdpr=1&gdpr_consent=

43 B
1 KB

64ms
60ms

Image
image/gif

51.89.21.10
OVH

General

Check archive.org

Download Go to Show image

Full URL

https://id5-sync.com/c/10/112/0/3.gif?puid=863354B62BE920E5&gdpr=1&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:04 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:59 GMT
frontend-id: 8
location: https://id5-sync.com/c/10/112/0/3.gif?puid=863354B62BE920E5&gdpr=1&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E70C
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=200950015
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EH9U6OaiyiNct6Eu6oyyEu

35 B
468 B

25ms
25ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EH9U6OaiyiNct6Eu6oyyEu

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
via: 1.1 google
last-modified: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EH9U6OaiyiNct6Eu6oyyEu
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E70C 23 B
172 B 152ms
73ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:02 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 31 Mar 2021 20:03:02 GMT
server: akka-http/10.1.9
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame E70C
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6578811291406717429
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6578811291406717429&cs=1

35 B
376 B

41ms
40ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6578811291406717429&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:02 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6578811291406717429&cs=1
date: Wed, 31 Mar 2021 20:03:02 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame E70C 0
236 B 1191ms
67ms Image
text/plain 13.226.159.42
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6578811291406717429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-42.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:03 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 6rhxpGg6IR0p-fX3lvSU70iAsGxFZVm8krtJw_VKnFH56l78PEcyZg==
x-cache: Miss from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E70C
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=6578811291406717429&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=6578811291406717429&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=1a06c572-925c-11eb-b1dc-1e8716ff73cc

35 B
468 B

19ms
19ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=1a06c572-925c-11eb-b1dc-1e8716ff73cc

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:03 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Wed, 31 Mar 2021 20:03:03 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=1a06c572-925c-11eb-b1dc-1e8716ff73cc
alt-svc: clear
content-length: 0

GET
H2 200 6578811291406717429
match.contentexchange.me/adform/ Frame E70C 0
48 B 831ms
64ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Download Go to Show image

Full URL: https://match.contentexchange.me/adform/6578811291406717429?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:03 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame E70C 37 B
351 B 36ms
35ms Image
image/gif 3.64.73.215
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=6578811291406717429&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame E70C 0
261 B 23ms
22ms Image
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6578811291406717429&agencyId=6276&advertiserId=2067080&src=tp&rnd=50396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 plf
c1.adform.net/imatch/ Frame B3E9 0
261 B 22ms
22ms Image
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame B3E9
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5328706582315970934&Expiration=1618430580
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5328706582315970934&Expiration=1618430580

43 B
423 B

61ms
60ms

Image
image/gif

35.157.249.55
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5328706582315970934&Expiration=1618430580
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.249.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 31 Mar 2021 20:03:00 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5328706582315970934&Expiration=1618430580
date: Wed, 31 Mar 2021 20:03:00 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame B3E9 0
360 B 154ms
68ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=5328706582315970934

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:00 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 30 Mar 2021 20:03:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame B3E9 0
214 B 219ms
66ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B3E9
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5328706582315970934&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5328706582315970934&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=48df641dc8cc4146a...
https://c1.adform.net/serving/cookie/match?party=9&uid=07f89a892f4cb391566c12bff09ee0e5743c9b3975b3c7160f9cc52cc4d44426

35 B
468 B

47ms
47ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=07f89a892f4cb391566c12bff09ee0e5743c9b3975b3c7160f9cc52cc4d44426

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=07f89a892f4cb391566c12bff09ee0e5743c9b3975b3c7160f9cc52cc4d44426
date: Wed, 31 Mar 2021 20:03:00 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B3E9
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5328706582315970934&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=3250148726832108531

35 B
468 B

47ms
47ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=3250148726832108531

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=3250148726832108531
pragma: no-cache
date: Wed, 31 Mar 2021 20:02:59 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55944/ Frame B3E9
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=5328706582315970934&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=5328706582315970934&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5328706582315970934&_origin=1&apid=UP181be658-925c-11eb-9809-06bd269667d6
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5328706582315970934&_origin=1&apid=UP181be658-925c-11eb-9809-06bd269667d6&verify=true

0
964 B

74ms
67ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=5328706582315970934&_origin=1&apid=UP181be658-925c-11eb-9809-06bd269667d6&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=5328706582315970934&_origin=1&apid=UP181be658-925c-11eb-9809-06bd269667d6&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame B3E9 43 B
713 B 293ms
129ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1617220980406052-348
Expires: Wed, 31 Mar 2021 20:03:00 GMT

GET sync
sy.eu.angsrvr.com/ Frame B3E9 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame B3E9
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=5328706582315970934
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5328706582315970934
https://eb2.3lift.com/xuid?mid=2409&xuid=3088094a-c2cf-4626-8862-ab1453a531f3&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=3088094a-c2cf-4626-8862-ab1453a531f3&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=

37 B
352 B

67ms
66ms

Image
image/gif

3.64.73.215
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=3088094a-c2cf-4626-8862-ab1453a531f3&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2409&xuid=3088094a-c2cf-4626-8862-ab1453a531f3&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
date: Wed, 31 Mar 2021 20:03:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B3E9
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5328706582315970934&expiration=1618430580
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5328706582315970934&expiration=1618430580&C=1

43 B
1005 B

137ms
136ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5328706582315970934&expiration=1618430580&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 31 Mar 2021 20:03:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5328706582315970934&expiration=1618430580&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Wed, 31 Mar 2021 20:03:00 GMT

GET
H/1.1

200
OK

info
uip.semasio.net/userreport/1/ Frame B3E9
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5328706582315970934&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5328706582315970934&sInitiator=external
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=f0121c39-bc29-486c-a3cc-bce08d1e2549
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=ODYzMzU0QjYyQkU5MjBFNQ&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESENe_LBkJ0njND2aT5DHpI9E&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
https://redirect.userreport.com/cs/1/863354B62BE920E5&gdpr_consent=
https://uip.semasio.net/userreport/1/info

42 B
603 B

117ms
50ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Download Go to Show image

Full URL: https://uip.semasio.net/userreport/1/info
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Date: Wed, 31 Mar 2021 20:03:03 GMT
Via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
Location: https://uip.semasio.net/userreport/1/info
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: w837a31CMbgSnasKt3IwNl03P0VhKYT3WxBWzU89qT15KT43gUccDg==

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame B3E9 0
344 B 247ms
68ms Image
text/plain 3.121.27.153
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5328706582315970934&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame B3E9 0
324 B 187ms
64ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

451

396846.gif
idsync.rlcdn.com/ Frame B3E9
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=5328706582315970934
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=53b319ba-27ec-4cae-91d4-03514bb208d5

0
42 B

88ms
87ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=53b319ba-27ec-4cae-91d4-03514bb208d5
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:01 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Wed, 31 Mar 2021 20:03:00 GMT
content-encoding: gzip
server: OXGW/16.205.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=53b319ba-27ec-4cae-91d4-03514bb208d5
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

tpid=5328706582315970934
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame B3E9
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5328706582315970934
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5328706582315970934

49 B
710 B

121ms
121ms

Image
image/gif

54.171.173.220
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.47
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5328706582315970934
cache-control: no-cache
x-server: 10.45.23.225
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame B3E9 62 B
329 B 2025ms
190ms Image
image/gif 184.30.210.81
AKAMAI-ASN1

General

Check archive.org

Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.210.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-210-81.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:02 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 9715
Content-Type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B3E9
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5328706582315970934
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5328706582315970934

43 B
180 B

95ms
95ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
via: 1.1 google
server: OXGW/16.205.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5328706582315970934
date: Wed, 31 Mar 2021 20:03:00 GMT
via: 1.1 google
server: OXGW/16.205.1
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame B3E9
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

329ms
70ms

Image
image/gif

52.218.29.163
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:02 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: G9EDFNQDP6WY2456
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: LCzng7bbt00hQpJT0vwSN6wKfO9RCrQGOy4YAcrJGvHzLPRf5D17RAlBA+DQU5mIk9BNqcEjwLU=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: akka-http/10.1.13
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame B3E9 35 B
248 B 4543ms
140ms Image
image/gif 51.222.80.231
OVH

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=5328706582315970934&partner=68
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H/1.1 200
OK /
cm.adsafety.net/ Frame B3E9 43 B
229 B 429ms
57ms Image
image/gif 88.80.189.68
LINODE-AP Linode

General

Check archive.org

Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.80.189.68 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li700-68.members.linode.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:01 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame B3E9 0
336 B 79ms
78ms Image
text/plain 52.48.82.49
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.82.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-82-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1617220980
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame B3E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTMyODcwNjU4MjMxNTk3MDkzNA
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NTMyODcwNjU4MjMxNTk3MDkzNA&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGSAi6ebOAHvLCbQnZNNnUw&google_cver=1&google_ula=1641347,0
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGSAi6ebOAHvLCbQnZNNnUw&google_cver=1&google_ula=1641347,0

35 B
466 B

25ms
24ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGSAi6ebOAHvLCbQnZNNnUw&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
location: https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGSAi6ebOAHvLCbQnZNNnUw&google_cver=1&google_ula=1641347,0
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame B3E9 0
261 B 28ms
24ms Image
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame B3E9
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=1483669026971755489&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=5328706582315970934

43 B
1013 B

54ms
53ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=5328706582315970934

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:00 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.153:80
AN-X-Request-Uuid: bfbd3c7f-3a0c-443e-8840-7a42be04b1d8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=5328706582315970934
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame B3E9 42 B
801 B 364ms
79ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:01 GMT
X-lat: lhrpug005:0:681
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame B3E9 43 B
444 B 397ms
56ms Image
image/gif 13.226.159.66
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-66.dus51.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 14:30:14 GMT
Via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.16.1
Age: 19967
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 43
X-Amz-Cf-Id: 7NLFw2y1GoGc7V9HuyVKpbeEiMOOVyeRzEvKEIhkPa7-SHBwNrL3AA==

GET
H/1.1

200

p
a.audrte.com/ Frame B3E9
Redirect Chain

https://a.audrte.com/a?adform_uid=5328706582315970934
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&google_gid=CAESEE4DnhNnvWYriCA42RNdzyI&google_cver=1
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=g7fJPFhR8ElQLi2TGEe5GEsNQ&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206N...
https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
1 KB

120ms
119ms

Image
image/avif

52.4.128.233
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-128-233.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:05 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/avif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 31 Mar 2021 20:03:05 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B3E9
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5328706582315970934&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5328706582315970934&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=28847562499556174912693410000634605597&noredirect=1

35 B
477 B

32ms
32ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=28847562499556174912693410000634605597&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nocwtwx8Rv4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=28847562499556174912693410000634605597&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame B3E9
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5328706582315970934
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010303742001362986

35 B
468 B

35ms
33ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010303742001362986

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010303742001362986
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame B3E9
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6945911228106930316

35 B
468 B

38ms
38ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6945911228106930316

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6945911228106930316
Date: Wed, 31 Mar 2021 20:03:02 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame B3E9 62 B
725 B 1705ms
190ms Image
image/gif 184.30.210.81
AKAMAI-ASN1

General

Check archive.org

Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.210.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-210-81.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:02 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 3610
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B3E9
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=1ef06064-d575-4e00-8953-a37e15341788

35 B
468 B

32ms
32ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=1ef06064-d575-4e00-8953-a37e15341788

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Wed, 31 Mar 2021 20:03:01 GMT
Server: MT3 3628 75f709e master cdg-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=1ef06064-d575-4e00-8953-a37e15341788
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 31 Mar 2021 20:03:53 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B3E9
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=d8ipdPML1LrH3n5

35 B
468 B

40ms
26ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=d8ipdPML1LrH3n5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 20:03:01 GMT
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0ab29fc25246f26bf@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=d8ipdPML1LrH3n5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame B3E9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bc6ad02b-818d-4b78-9ebb-70e5d4cbb11c

35 B
468 B

22ms
22ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bc6ad02b-818d-4b78-9ebb-70e5d4cbb11c

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bc6ad02b-818d-4b78-9ebb-70e5d4cbb11c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame B3E9 0
72 B 1833ms
138ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Englewood, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1

200

3.gif
id5-sync.com/c/10/112/0/ Frame B3E9
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=5328706582315970934
https://id5-sync.com/c/10/10/2/1.gif?puid=5328706582315970934&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOvUBnR10_h092Q9lUfvcpcnNHYVczcw-c3EIOYA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/1/2.gif?puid=7d4225f5-2ac5-4593-945c-d8444edfabbe&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F10%2F112%2F0%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F10%2F112%2F0%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/10/112/0/3.gif?puid=863354B62BE920E5&gdpr=1&gdpr_consent=

43 B
1 KB

57ms
57ms

Image
image/gif

51.89.21.10
OVH

General

Check archive.org

Download Go to Show image

Full URL

https://id5-sync.com/c/10/112/0/3.gif?puid=863354B62BE920E5&gdpr=1&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:04 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:02:59 GMT
frontend-id: 8
location: https://id5-sync.com/c/10/112/0/3.gif?puid=863354B62BE920E5&gdpr=1&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame B3E9
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=526896213
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EH9U6OaiyiNct6Eu6oyyEu

35 B
477 B

26ms
26ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EH9U6OaiyiNct6Eu6oyyEu

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:01 GMT
via: 1.1 google
last-modified: Wed, 31 Mar 2021 20:03:01 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EH9U6OaiyiNct6Eu6oyyEu
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame B3E9 23 B
172 B 153ms
73ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:02 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 31 Mar 2021 20:03:02 GMT
server: akka-http/10.1.9
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame B3E9
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5328706582315970934
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5328706582315970934&cs=1

35 B
376 B

41ms
40ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5328706582315970934&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:02 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5328706582315970934&cs=1
date: Wed, 31 Mar 2021 20:03:02 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame B3E9 0
237 B 1204ms
80ms Image
text/plain 13.226.159.42
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5328706582315970934
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-42.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:03 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: HdHGKPyITntoE6m0w8grC7QL9VZSp1kN6OyJzOrxfrLuUpDZzD2Vww==
x-cache: Miss from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B3E9
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5328706582315970934&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5328706582315970934&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=1a06c572-925c-11eb-b1dc-1e8716ff73cc

35 B
468 B

20ms
19ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=1a06c572-925c-11eb-b1dc-1e8716ff73cc

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 20:03:03 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Wed, 31 Mar 2021 20:03:03 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=1a06c572-925c-11eb-b1dc-1e8716ff73cc
alt-svc: clear
content-length: 0

GET
H2 200 5328706582315970934
match.contentexchange.me/adform/ Frame B3E9 0
49 B 937ms
63ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Download Go to Show image

Full URL: https://match.contentexchange.me/adform/5328706582315970934?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:03 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame B3E9
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=5328706582315970934&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5328706582315970934&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
351 B

36ms
34ms

Image
image/gif

3.64.73.215
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5328706582315970934&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=5328706582315970934&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Wed, 31 Mar 2021 20:03:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame B3E9 0
261 B 25ms
23ms Image
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=5328706582315970934&agencyId=6276&advertiserId=2067080&src=tp&rnd=1421
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:03:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 4682 597 B
1 KB 180ms
75ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1376128&mt_adid=213056&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2031136&lid=70034744&ctype=0&media=0&PageName=RT&rnd=1790574974&cpref=&loc=https%3a%2f%2fwww.ochsner.org%2fcoronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3628 75f709e master cdg-pixel-x10 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: MT3 3628 75f709e master cdg-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 31 Mar 2021 20:03:52 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame B248 597 B
1 KB 186ms
77ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1471895&mt_adid=213056&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2031136&lid=70035165&ctype=0&media=0&PageName=NOLA+Brand_Page+Engagement&rnd=1686557761&cpref=&loc=https%3a%2f%2fwww.ochsner.org%2fcoronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3628 75f709e master cdg-pixel-x11 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: MT3 3628 75f709e master cdg-pixel-x11
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 31 Mar 2021 20:03:52 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 4682 43 B
480 B 82ms
82ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: www.ochsner.org
URL: https://www.ochsner.org/coronavirus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3628 75f709e master zrh-pixel-x28 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: MT3 3628 75f709e master zrh-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 31 Mar 2021 20:02:59 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame B248 43 B
480 B 84ms
84ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1471895&mt_adid=213056&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3628 75f709e master cdg-pixel-x10 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 20:03:00 GMT
Server: MT3 3628 75f709e master cdg-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 31 Mar 2021 20:03:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sy.eu.angsrvr.com
URL: https://sy.eu.angsrvr.com/sync?type=host&dsp=13&dspuuid=6578811291406717429

Domain: sy.eu.angsrvr.com
URL: https://sy.eu.angsrvr.com/sync?type=host&dsp=13&dspuuid=5328706582315970934

Verdicts & Comments Add Verdict or Comment

117 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ochsner.org/	1970-01-19 17:15:07	Name: hg_ga_cid Value: 956356855.1617220974
www.ochsner.org/	1970-01-19 17:15:07	Name: hg_campaign_url Value: https://www.ochsner.org/coronavirus
www.ochsner.org/	1969-12-31 23:59:59	Name: Value: https://www.ochsner.org/coronavirus
.ochsner.org/	1970-01-19 17:13:41	Name: _gat_gtag_UA_179063748_1 Value: 1
.ochsner.org/	1970-01-20 10:44:52	Name: _evga_f199 Value: {%22uuid%22:%22db4dd4826056a102%22}
.ochsner.org/	1970-01-19 17:15:07	Name: _gid Value: GA1.2.759055427.1617220975
.ochsner.org/	1970-01-20 10:44:52	Name: _ga Value: GA1.2.956356855.1617220974
.ochsner.org/	1970-01-19 19:23:16	Name: _fbp Value: fb.1.1617220974608.2135447760

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: Krux fire
console-api	log	URL: https://guide.loyalhealth.com/client/client.bundle.js(Line 2) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
api.adrtx.net
api.userway.org
assets.sitescdn.net
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.callrail.com
cdn.evgnet.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.polyfill.io
cdn.userway.org
cid3.actonsoftware.com
cid3.aocdn.net
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
guide.loyalhealth.com
guidecdn.loyalhealth.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
insight.adsrvr.org
l.sharethis.mgr.consensu.org
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
ochsner-craft.s3.amazonaws.com
ochsner.hrm.healthgrades.com
ochsner.us-1.evergage.com
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.mediaiqdigital.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
redirect.userreport.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
s3.amazonaws.com
s3.us-east-2.amazonaws.com
script.crazyegg.com
secure-ds.serving-sys.com
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
siteimproveanalytics.com
stats.g.doubleclick.net
sy.eu.angsrvr.com
sync.1dmp.io
sync.crwdcntrl.net
sync.sharethis.com
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
uip.semasio.net
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
wpcc.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.ochsner.org
x.bidswitch.net
zn2gabpsdv2al2gdj-ochsner.siteintercept.qualtrics.com
sy.eu.angsrvr.com
104.111.218.85
104.111.242.245
104.111.247.190
104.17.209.240
108.129.45.237
13.226.159.42
13.226.159.66
13.32.25.82
142.250.185.66
142.250.185.98
151.101.114.133
151.101.192.114
18.185.81.62
18.198.69.109
184.30.210.81
185.167.164.49
185.33.221.15
185.64.190.80
185.86.139.114
2.18.233.201
2.18.234.233
207.189.124.124
216.46.185.182
23.111.9.35
23.202.53.51
2600:9000:211e:e800:d:b853:c880:93a1
2600:9000:2182:a800:6:44e3:f8c0:93a1
2606:4700::6812:7034
2606:4700::6813:9408
2606:4700:e6::ac40:c418
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:bdf::19
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:811::2004
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a02:6ea0:c700::3
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
2a04:4e42:3::621
3.121.27.153
3.123.78.164
3.126.56.137
3.224.161.34
3.64.73.215
34.255.79.142
35.157.249.55
35.158.49.68
35.158.87.209
35.190.16.14
35.227.248.159
35.244.159.8
35.244.174.68
37.157.2.249
37.157.3.30
40.74.227.172
46.19.11.36
50.57.30.83
51.222.80.231
51.89.21.10
52.216.134.59
52.217.0.85
52.218.29.163
52.219.102.161
52.25.5.245
52.28.42.15
52.28.82.26
52.4.128.233
52.48.82.49
52.49.59.93
52.58.221.124
52.59.28.101
54.171.173.220
54.174.92.145
54.77.254.70
68.183.157.211
69.173.144.138
77.243.60.138
78.46.100.125
80.252.91.52
85.114.159.93
88.80.189.68
006d82c6ef54dac58d61e97ca90af22c77dc0fc159a701ce00d211a292e0aad3
046aab396a1b7731f7af43c9de3105941c143964f6be8b4823592f3beb99e760
06d19fb03f2f83e9d41666d24733926bd775affa9842df34c6d2628f3762d863
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e610f47773cd40f075891a966f3ccc255004956d6459e53d9cf0b2c8d05a6b5
0fa1e63b3259c92a003ff760e6d77d05488925aab079eb8c2d38216a89378cc7
0fb2cade5ef3f0b42f63af9112eee43eaeaa2270554cdbf1572565b99876c870
1043ae2b704cab2051deff66d04aacbaeb677ce01194508573440b23841a89db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1889994acccfac3f2bfa912b8f3dc3cc3389fcccafd049c612ce8ed5b3577cd0
18bb938736ae12accffe1c3ddd8d5a542fe154f8be929761a32cdadffb4aa1c3
19ab1248e8f66635f16b22a50d938de9da52223a7d42a83344d364cc664494fa
1eb4615e1a09d8cd651c2d5b7d6bb95fad4961d588046c6b112a99c879d4d18b
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2555cd7bed0d9edd14bcfd13455fb9d770b2fab19f5f2b0777bd5943bb2a4d28
2628545b0e542fd74b1e90b69ca67ad502078e1d456003950d9b825ad2d1e7af
2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58
29d92ac472601822dcce42088f2554ba36e11287d5db9e199a3b7646ad89eeb4
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b90258760ec34794ae5365adc1b878b4bc06796d2f0b9073f5c3ebe72a46ea9
2c591c89e1fa8e0b41f6c37ccbb0250cdded0970176a26177cc1502af66fa171
2cc67c14586d5baca79d95ba3dd3fc00b2a9b4287401ec684e5ed66e60eebde3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
311df1df5293d0d3de226f460e35a8f60326a6266e6103da0032895b30d04f81
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3889fb67c1326dc277e2e1ffabd384c8034e4489310d6d15b322677ebfecefe6
38b497b910a2245a74451044e066c971ed6ea5b4010a42af0ead8770f33e618a
38e18d309ab55773c6c6f894767e923d1b028585bf390b2917008f6aa71fd489
40ba2553e8ec6ec5c3579014facd7470efb4bcde92b519d0a99e63e807600c1f
42b47120f264ade6a4649dd2fd051ac4ceefce4baef02ef40ee2d51115d964fd
45012e95f3a909735b4131739278f792d66fabb8e0db752a5db4dd379584a34e
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
483877393767232a37b9f0d6a7e3dff912666c83bf74715b67b4b82fc6d60d97
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
5b696f67ea958162ccf454806576d8e1e2ca6005973c60e60dfeeb1164471bff
5cdb58e2ef9f9e37e54c6e3734cbcef2f21d5ade1d05f6beaa2759762d737cdf
5d6e3816923d0b71acd055fc74084bad8536ee017ee61b0f7755ff7aaaa07c1b
5fcba79877c44371799f646c1e31a9ce54a1474cea06524ee50fcfb704149cf2
616f254eefb72b52fbfe3554338f9d877a3ae32389c35c659457018a11b490b8
617d817a8511d9ee709ae283545dec490f32bbb5e4864935f9938cac01b43a8e
624d5963ca72f268711831944d1558a6fe04c973a30c3f73910e2b644eaaa180
6472a995ce7200167b8d58baeefa34f4ce22e4765c3009dcd41397690a95dea0
66fe79e0b61dab31119367247dc1f39b339ea58556f307f1d64f2ba2f52f8fd9
671d5009781a2b2b209d698d5d0c90df110a51486a7885c035deef550766924c
69b47b796c9f07fced6a43a075deb29ad7c097f66587fdca7cebe6c9b183ef4e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bca62b2308a583c996aa280ffd6f812bacc0e363a4d10fd3627632f39d7be78
6ecf674c21a37d0fc22d9669f7eb3eede7209329237a5d3fe1964ad8dba3c1bd
7464f8dba81690d7b2aed4c53345ee26fe520927d2e069455f52726f26ee165b
755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071
79f8a51dc546a65143dc002ae1c3ee5c3b1581e1d98361e0ac6243d7b3c9b25d
7cc1652d81f9dfbd8864d2d2942a963a2034a1d9f293138d4915536cf212f558
7cd670ed7981f2f20d8a9f2c3a01a399fd88b3ba519f07e3099ddf9ff848a027
829b2d54ac743aa5c07500c3bcce7497ecfc406f14ff264246f96f92a91cc16e
83086651813df72cf35509ce807167b88e3bcbcec1c270c5753032bb1b5aa688
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8b95dba2c2d48682d8faf81f358cdc56cfdcd0b7ffee6fc894287dd1e5c2b1c6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
914d0e6612ff0e69710ac2cebae2e92c39ee34ad1195f6d536869bc5045307af
9239b60589b0bd9f6810f797b152c7d59e8f0e5a0692c2cfef089126a4646185
946b84284b5ad84905dcca8349c9dbfeca592d86bf712a69f71c031252c91d8f
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
9734c345826e8bb508e4c7e82c2bd433ef9cfa1780771c10b4f3f4ee86715e71
973ff4f60f5dfbee91e6725079e9a9fa00782b5b0268d9ea8cd914f4e874eb69
9867478c7039be7b1a12e71cb79fd95b54cfc8e094acf30375e4088e9d747020
99b01e64781d4b72d0e65e956e70939af38e4ac33cb1d03b4cd9827247c58ab8
99b90ef1cedfd3cf58db1e2c11d1f30ebcae075fcc725e70072baae5f069c093
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b2a6655a07666de3d487217b96021ce748dce75d5970f01a5a035674fdd3a77
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f23f68e1101d9a5f8b70179ca47adc5aaeb28a6410d156fa5c3562f32e0e8f2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3c2745ff2967c7e7d4714b5518d7e54321b6a016e1051032ffd13248f045350
a69e175b7c1fe7f53e15dbd0e62e81c17b6aec9f7ee10868f8a024223dee73c7
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4
abc8a8a2ced15f7a398c1979df35cc2d1a61c5695e8b622739d69f7a847eeeb6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b4195f7c7517a3d2a10ef60a96ff4621c138aa241cf3792832e2c2abbd335f
b31c3f08645c32aec8aa5980b25d8ef49ede32fa96164f287bc8ee47587db59a
b361862dc7d88a5aad8b463bbb80f6c79b8b57453a6d45746b20caedc4914a0e
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b500f5cde6248a56de432973ff8f8932cc28df627f0fc478e346b4388e90a297
b714a6bfa8253e9c82117a8798778f799f2748f2be99d696da01ab237a8c7d64
b98784e702d833a5053a56f20a85aeb4a04375020e8aeab1bb8036bc6023583b
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf0f3b28dae6ed0a62be43850fcc6b97bf90b6dcd7a4cda6e201b17adb517412
bfc7f9e6335076fcfa947934b08a65a22809ea20f7f57246f88066d379ead8a1
c040030fdbaa2595311c47e670a5a229cc442af9efb68ceb2a59528a844e2a06
c40532c7250be139c691dba1720c741378505a33f032aacaf0b3fd1ec352e212
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c7076caaedeb016a3e14784f56a7621f3de3ed4bf09587159a44c37e8335f25d
c77a37633650da45a826fd35f027c8fd591c657161425c91972ba54ee992c90e
c82d1795803cbbe1abcd2c05e60aee240f60c4d9907a5976e5484a180b5c9adf
ccf3b9e49126ed5bd913ae356297c9f2dc83f9943ce797d715b31332313f3da5
cdd9967d7009963e5f472f943029a9beb031da5c6c9ae62faa026334f3827666
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d987975e1567ab66943bc11a557e669a9cbf0b8311b3c3a8c94630311e918b6f
dc01de7ef4637a56ef0c1e7e869abd0e9134d9dde4941a68bd808326ba542fbf
dc32c38f67e11089aed298bbfe7ca99ba92986a167f380140de3e3a7be7ae5c6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea8baa3c053af7a09febb9d011375809627515330d62d546d0e6782700c4b0e
e37c1c1b35d0a84ca694ed25a41e122ac41e326bfeeee98235321c140bfaa9de
e3adcb45a4db2393eef77cd8922c68e80d271e64583504215a5c3ef10356edc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d44db23ba44198fda4e1c3da776e299d09d17f4e6075afde9aaef6901d2ba5
e5fc452742c08d505d21569e391d74dde03f076aa236d7d0b1b5b5d0b68b7549
e663a979e820ebca8ab1a87e304758f30c09a1053c69a011e17df1986f1b2118
e75cf8738e00c781fa7d2f4ae1131bc645ed8333e1f937e4280b43e07043fb28
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a3e549556b14b6adcf68cdaa9c50e16a8a6bf0bd94dbec6eb4a3557bbb5693
f2cca7a26bb64defede95b5855a9c398ee2faaa98b2c50efc617a6f80732c13c
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f976ca34dbfaf0d7dff3395aff9729ad95d21065ba1618d22386e2b6eb7d4eef
fd602dc95f98bb7bd1ef26c07a8bea6bcb1773da8ac3155ddad9f18b93eafe08

www.ochsner.org Open in urlscan Pro 50.57.30.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

215 Requests

99 %HTTPS

24 %IPv6

76 Domains

96 Subdomains

72 IPs

11 Countries

3940 kBTransfer

8658 kBSize

8 Cookies

47 Outgoing links

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ochsner.org Open in urlscan Pro
50.57.30.83 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

99 %
HTTPS

24 %
IPv6

76
Domains

96
Subdomains

72
IPs

11
Countries

3940 kB
Transfer

8658 kB
Size

8
Cookies

215 HTTP transactions
12 data transactions